Month: December 2022

alerts

Vulnerability Summary for the Week of December 19, 2022

Post author By admin
Post date December 28, 2022

Original release date: December 28, 2022

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
greenend — sftpserver	DISPUTED A vulnerability was found in ewxrjk sftpserver. It has been declared as problematic. Affected by this vulnerability is the function sftp_parse_path of the file parse.c. The manipulation leads to uninitialized pointer. The real existence of this vulnerability is still doubted at the moment. The name of the patch is bf4032f34832ee11d79aa60a226cc018e7ec5eed. It is recommended to apply a patch to fix this issue. The identifier VDB-216205 was assigned to this vulnerability. NOTE: In some deployment models this would be a vulnerability. README specifically warns about avoiding such deployment models.	2022-12-18	9.8	CVE-2020-36617 N/A N/A
online_grading_system_project — online_grading_system	A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter.	2022-12-16	9.8	CVE-2021-31650 MISC
ruoyi — ruoyi	Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework.	2022-12-16	9.8	CVE-2021-38241 MISC
lmeve_project — lmeve	A vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument X-Forwarded-For leads to sql injection. The attack may be launched remotely. The name of the patch is 29e1ead3bb1c1fad53b77dfc14534496421c5b5d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216176.	2022-12-17	9.8	CVE-2021-4246 N/A N/A
kapetan_dns_project — kapetan_dns	A vulnerability was found in kapetan dns up to 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file DNS/Protocol/Request.cs. The manipulation leads to insufficient entropy in prng. The attack may be launched remotely. Upgrading to version 7.0.0 is able to address this issue. The name of the patch is cf7105aa2aae90d6656088fe5a8ee1d5730773b6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216188.	2022-12-18	9.8	CVE-2021-4248 N/A N/A N/A N/A
mozilla — firefox	The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.	2022-12-22	9.8	CVE-2022-1887 MISC MISC
mutiny — mutiny	Mutiny 7.2.0-10788 suffers from Hardcoded root password.	2022-12-16	9.8	CVE-2022-37832 MISC
beardev — joomsport	The JoomSport WordPress plugin before 5.2.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users	2022-12-19	9.8	CVE-2022-4050 MISC
pluginus — inpost_gallery	The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP’s extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers.	2022-12-19	9.8	CVE-2022-4063 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A	2022-12-16	9.8	CVE-2022-42529 MISC
contec — conprosys_hmi_system	CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a remote unauthenticated attacker to execute an arbitrary OS command on the server where the product is running by sending a specially crafted request.	2022-12-19	9.8	CVE-2022-44456 MISC MISC MISC
ruoyi_project — ruoyi	A vulnerability, which was classified as critical, has been found in y_project RuoYi 4.7.5. This issue affects some unknown processing of the file com/ruoyi/generator/controller/GenController. The manipulation leads to sql injection. The name of the patch is 167970e5c4da7bb46217f576dc50622b83f32b40. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215975.	2022-12-16	9.8	CVE-2022-4566 MISC MISC MISC MISC
crmx_project — crmx	A vulnerability was found in luckyshot CRMx and classified as critical. This issue affects the function get/save/delete/comment/commentdelete of the file index.php. The manipulation leads to sql injection. The attack may be initiated remotely. The name of the patch is 8c62d274986137d6a1d06958a6f75c3553f45f8f. It is recommended to apply a patch to fix this issue. The identifier VDB-216185 was assigned to this vulnerability.	2022-12-18	9.8	CVE-2022-4592 N/A N/A
tjws2_project — tjws2	A vulnerability was found in drogatkin TJWS2. It has been declared as critical. Affected by this vulnerability is the function deployWar of the file 1.x/src/rogatkin/web/WarRoller.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is 1bac15c496ec54efe21ad7fab4e17633778582fc. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216187.	2022-12-18	9.8	CVE-2022-4594 N/A N/A
flatpress — flatpress	PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3.	2022-12-18	9.8	CVE-2022-4606 CONFIRM MISC
tum — ogc_web_feature_service	A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to xml external entity reference. Upgrading to version 5.2.1 is able to address this issue. The name of the patch is 246f4e2a97ad81491c00a7ed72ce5e7c7f75050a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216215.	2022-12-18	9.8	CVE-2022-4607 N/A N/A N/A MISC
huawei — harmonyos	A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.	2022-12-20	9.8	CVE-2022-46316 MISC
huawei — harmonyos	Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write.	2022-12-20	9.8	CVE-2022-46319 MISC MISC
huawei — harmonyos	The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.	2022-12-20	9.8	CVE-2022-46320 MISC MISC
huawei — harmonyos	Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.	2022-12-20	9.8	CVE-2022-46323 MISC MISC
huawei — harmonyos	Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.	2022-12-20	9.8	CVE-2022-46324 MISC MISC
huawei — harmonyos	Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.	2022-12-20	9.8	CVE-2022-46325 MISC MISC
huawei — harmonyos	Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.	2022-12-20	9.8	CVE-2022-46326 MISC MISC
huawei — harmonyos	Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions.	2022-12-20	9.8	CVE-2022-46327 MISC MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a command injection vulnerability via the mac parameter at /goform/WriteFacMac.	2022-12-20	9.8	CVE-2022-46538 MISC
sick — sim2000_firmware	Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 1.13.4 as soon as possible (available in SICK Support Portal).	2022-12-16	9.8	CVE-2022-47377 MISC
ibm — cognos_analytics	IBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery Attack (SSRF) attack by constructing URLs from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 234180.	2022-12-19	9.1	CVE-2022-38708 MISC MISC
google — android	In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A	2022-12-16	8.8	CVE-2022-20607 MISC
google — android	In cellular modem firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240462530References: N/A	2022-12-16	8.8	CVE-2022-20610 MISC
broadcom — symantec_identity_governance_and_administration	An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4	2022-12-16	8.8	CVE-2022-25628 MISC
ucf — materia	A vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.0. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 9.0.1-alpha1 is able to address this issue. The name of the patch is af259115d2e8f17068e61902151ee8a9dbac397b. It is recommended to upgrade the affected component. The identifier VDB-215973 was assigned to this vulnerability.	2022-12-16	8.8	CVE-2022-4564 N/A N/A N/A MISC
axiosys — bento4	A vulnerability was found in Axiomatic Bento4. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216170 is the identifier assigned to this vulnerability.	2022-12-17	8.8	CVE-2022-4584 N/A N/A N/A
samba — ppp	DISPUTED A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario.	2022-12-18	8.8	CVE-2022-4603 N/A N/A
wp-english-wp-admin_project — wp-english-wp-admin	A vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.1. Affected by this vulnerability is the function register_endpoints of the file english-wp-admin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. Upgrading to version 1.5.2 is able to address this issue. The name of the patch is ad4ba171c974c65c3456e7c6228f59f40783b33d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216199.	2022-12-18	8.8	CVE-2022-4604 N/A N/A MISC
xml-rpc.net_project — xml-rpc.net	An XML external entity (XXE) injection vulnerability in XML-RPC.NET before 2.5.0 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, as demonstrated by a pingback.aspx POST request.	2022-12-18	8.8	CVE-2022-47514 MISC MISC
open-emr — openemr	Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.	2022-12-17	8.1	CVE-2022-4567 CONFIRM MISC
google — android	In onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224772890	2022-12-16	7.8	CVE-2022-20503 MISC
google — android	In onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to local escalation of privilege from a guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226133034	2022-12-16	7.8	CVE-2022-20506 MISC
google — android	In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246649179	2022-12-16	7.8	CVE-2022-20507 MISC
google — android	In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218679614	2022-12-16	7.8	CVE-2022-20508 MISC
google — android	In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238602879	2022-12-16	7.8	CVE-2022-20512 MISC
google — android	In onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to local escalation of privilege or denial of server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203202	2022-12-16	7.8	CVE-2022-20520 MISC
google — android	In getSlice of ProviderModelSlice.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227470877	2022-12-16	7.8	CVE-2022-20522 MISC
google — android	In compose of Vibrator.cpp, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-228523213	2022-12-16	7.8	CVE-2022-20524 MISC
google — android	In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291506	2022-12-16	7.8	CVE-2022-20540 MISC
google — android	In multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240301753	2022-12-16	7.8	CVE-2022-20547 MISC
google — android	In setParameter of EqualizerEffect.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240919398	2022-12-16	7.8	CVE-2022-20548 MISC
google — android	In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242845514	2022-12-16	7.8	CVE-2022-20550 MISC
google — android	In TBD of aud_hal_tunnel.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222162870References: N/A	2022-12-16	7.8	CVE-2022-20561 MISC
google — android	In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel	2022-12-16	7.8	CVE-2022-20566 MISC
google — android	In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220738351References: Upstream kernel	2022-12-16	7.8	CVE-2022-20568 MISC
google — android	In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233645166References: N/A	2022-12-16	7.8	CVE-2022-20582 MISC
google — android	In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238366009References: N/A	2022-12-16	7.8	CVE-2022-20584 MISC
google — android	In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238716781References: N/A	2022-12-16	7.8	CVE-2022-20585 MISC
google — android	In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238718854References: N/A	2022-12-16	7.8	CVE-2022-20586 MISC
google — android	In ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238720411References: N/A	2022-12-16	7.8	CVE-2022-20587 MISC
google — android	In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N/A	2022-12-16	7.8	CVE-2022-20597 MISC
google — android	In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242357514References: N/A	2022-12-16	7.8	CVE-2022-20598 MISC
google — android	In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239847859References: N/A	2022-12-16	7.8	CVE-2022-20600 MISC
datadoghq — guarddog	GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog against a specially-crafted package can allow an attacker to write an arbitrary file on the machine where GuardDog is executed due to a path traversal vulnerability when extracting the .tar.gz file of the package being scanned, which exists by design in the tarfile.TarFile.extractall function. This issue is patched in version 0.1.5.	2022-12-17	7.8	CVE-2022-23531 MISC MISC MISC
paxtechnology — paydroid	The systool_server in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 fails to check for dollar signs or backticks in user supplied commands, leading to to arbitrary command execution as root.	2022-12-16	7.8	CVE-2022-26582 MISC
hcltech — bigfix_platform	In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent.	2022-12-19	7.8	CVE-2022-38659 MISC
poweriso — poweriso	A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO 8.3. A specially-crafted file can lead to an out-of-bounds write. A victim needs to open a malicious file to trigger this vulnerability.	2022-12-16	7.8	CVE-2022-41992 MISC
google — android	In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive Memory Allocation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231500967References: N/A	2022-12-16	7.8	CVE-2022-42531 MISC
google — android	In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237838301References: N/A	2022-12-16	7.8	CVE-2022-42534 MISC
google — android	In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545390	2022-12-16	7.8	CVE-2022-42544 MISC
entropymine — deark	Deark v.1.6.2 was discovered to contain a stack overflow via the do_prism_read_palette() function at /modules/atari-img.c.	2022-12-19	7.8	CVE-2022-43289 MISC MISC
ibm — domino	IBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754.	2022-12-19	7.8	CVE-2022-44750 MISC
ibm — notes	IBM Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44755.	2022-12-19	7.8	CVE-2022-44751 MISC
ibm — domino	IBM Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file.	2022-12-19	7.8	CVE-2022-44752 MISC
ibm — notes	IBM Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file.	2022-12-19	7.8	CVE-2022-44753 MISC
ibm — domino	IBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750.	2022-12-19	7.8	CVE-2022-44754 MISC
ibm — notes	IBM Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44751.	2022-12-19	7.8	CVE-2022-44755 MISC
freedom — securedrop	A vulnerability was found in Freedom of the Press SecureDrop. It has been rated as critical. Affected by this issue is some unknown functionality of the file gpg-agent.conf. The manipulation leads to symlink following. Local access is required to approach this attack. The name of the patch is b0526a06f8ca713cce74b63e00d3730618d89691. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215972.	2022-12-16	7.8	CVE-2022-4563 N/A N/A N/A
linux — linux_kernel	An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.	2022-12-18	7.8	CVE-2022-47518 MISC MISC MLIST
linux — linux_kernel	An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames.	2022-12-18	7.8	CVE-2022-47519 MISC MISC MLIST
linux — linux_kernel	An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames.	2022-12-18	7.8	CVE-2022-47521 MISC MISC MLIST
knexjs — knex	Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query.	2022-12-19	7.5	CVE-2016-20018 MISC MISC
solarwinds — serv-u	Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.	2022-12-16	7.5	CVE-2021-35252 MISC MISC MISC
owasp — nodegoat	A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the patch is 4a4d1db74c63fb4ff8d366551c3af006c25ead12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216184.	2022-12-18	7.5	CVE-2021-4247 N/A N/A N/A
haskell — xml-conduit	A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to launch the attack remotely. Upgrading to version 1.9.1.0 is able to address this issue. The name of the patch is 4be1021791dcdee8b164d239433a2043dc0939ea. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216204.	2022-12-18	7.5	CVE-2021-4249 N/A N/A N/A N/A
google — android	In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224002331	2022-12-16	7.5	CVE-2022-20516 MISC
google — android	In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-239368697	2022-12-16	7.5	CVE-2022-20545 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-212623833References: N/A	2022-12-16	7.5	CVE-2022-20560 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-204541506References: N/A	2022-12-16	7.5	CVE-2022-20601 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A	2022-12-16	7.5	CVE-2022-20602 MISC
google — android	In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231722405References: N/A	2022-12-16	7.5	CVE-2022-20605 MISC
juniper_networks — multiple_products	An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute will propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Since this issue only affects 22.3R1, Juniper strongly encourages customers to move to 22.3R1-S1. Juniper SIRT felt that the need to promptly warn customers about this issue affecting the 22.3R1 versions of Junos OS and Junos OS Evolved warranted an Out of Cycle JSA. This issue affects: Juniper Networks Junos OS version 22.3R1. Juniper Networks Junos OS Evolved version 22.3R1-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 22.3R1. Juniper Networks Junos OS Evolved versions prior to 22.3R1-EVO.	2022-12-22	7.5	CVE-2022-22184 CONFIRM
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are vulnerable to Insertion of Sensitive Information Into Sent Data. The moderators-only webcams lock setting is not enforced on the backend, which allows an attacker to subscribe to viewers’ webcams, even when the lock setting is applied. (The required streamId was being sent to all users even with lock setting applied). This issue is fixed in version 2.4-rc-6. There are no workarounds.	2022-12-17	7.5	CVE-2022-23488 MISC MISC
ffmpeg — ffmpeg	An issue was discovered in the FFmpeg through 3.0. vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause the null pointer dereference, impacting confidentiality and availability.	2022-12-16	7.5	CVE-2022-3109 MISC MISC
rockwellautomation — compactlogix_5370_firmware	A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).	2022-12-16	7.5	CVE-2022-3157 MISC
rockwellautomation — micrologix_1100_firmware	Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device	2022-12-16	7.5	CVE-2022-3166 MISC
apache — traffic_server	Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3.	2022-12-19	7.5	CVE-2022-32749 MISC
ibm — spectrum_control	IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982.	2022-12-20	7.5	CVE-2022-38391 MISC MISC
ultimatemember — jobboardwp	The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.	2022-12-19	7.5	CVE-2022-4061 MISC
cedcommerce — wholesale_market_for_woocommerce	The Wholesale Market for WooCommerce WordPress plugin before 1.0.7 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server.	2022-12-19	7.5	CVE-2022-4106 MISC
redhat — satellite	A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker’s server by modifying the Referer header in an HTTP request of specific resources in the server.	2022-12-16	7.5	CVE-2022-4130 MISC
huawei — harmonyos	The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.	2022-12-20	7.5	CVE-2022-41596 MISC MISC
huawei — harmonyos	The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality.	2022-12-20	7.5	CVE-2022-41599 MISC MISC
google — android	In sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243401445References: N/A	2022-12-16	7.5	CVE-2022-42524 MISC
google — android	In cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-244448906References: N/A	2022-12-16	7.5	CVE-2022-42527 MISC
ibm — cognos_analytics	IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to a Log Injection attack by constructing URLs from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 240266.	2022-12-19	7.5	CVE-2022-43883 MISC MISC
rockoa — xinhu	SQL Injection exits in xinhu < 2.5.0	2022-12-19	7.5	CVE-2022-45041 MISC MISC
hutool — hutool	A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.8.11 is able to address this issue. It is recommended to upgrade the affected component. VDB-215974 is the identifier assigned to this vulnerability.	2022-12-16	7.5	CVE-2022-4565 MISC MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.	2022-12-20	7.5	CVE-2022-45665 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.	2022-12-20	7.5	CVE-2022-45666 MISC
tenda — ac10_firmware	Tenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via function formSetClientState.	2022-12-16	7.5	CVE-2022-46109 MISC
aerocms_project — aerocms	AeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: AeroCMS v0.0.1.	2022-12-16	7.5	CVE-2022-46137 MISC
huawei — harmonyos	The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality.	2022-12-20	7.5	CVE-2022-46310 MISC
huawei — harmonyos	The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity.	2022-12-20	7.5	CVE-2022-46311 MISC
huawei — harmonyos	The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.	2022-12-20	7.5	CVE-2022-46312 MISC MISC
huawei — harmonyos	The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.	2022-12-20	7.5	CVE-2022-46314 MISC
huawei — harmonyos	The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.	2022-12-20	7.5	CVE-2022-46315 MISC
huawei — harmonyos	The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.	2022-12-20	7.5	CVE-2022-46317 MISC MISC
huawei — harmonyos	The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.	2022-12-20	7.5	CVE-2022-46321 MISC MISC
huawei — harmonyos	Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.	2022-12-20	7.5	CVE-2022-46322 MISC MISC
huawei — harmonyos	Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.	2022-12-20	7.5	CVE-2022-46328 MISC MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mac parameter at /goform/GetParentControlInfo.	2022-12-20	7.5	CVE-2022-46530 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/addWifiMacFilter.	2022-12-20	7.5	CVE-2022-46531 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter.	2022-12-20	7.5	CVE-2022-46532 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /goform/SetClientState.	2022-12-20	7.5	CVE-2022-46533 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the speed_dir parameter at /goform/SetSpeedWan.	2022-12-20	7.5	CVE-2022-46534 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState.	2022-12-20	7.5	CVE-2022-46535 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /goform/SetClientState.	2022-12-20	7.5	CVE-2022-46536 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security parameter at /goform/WifiBasicSet.	2022-12-20	7.5	CVE-2022-46537 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security_5g parameter at /goform/WifiBasicSet.	2022-12-20	7.5	CVE-2022-46539 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/addressNat.	2022-12-20	7.5	CVE-2022-46540 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/fast_setting_wifi_set.	2022-12-20	7.5	CVE-2022-46541 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/addressNat.	2022-12-20	7.5	CVE-2022-46542 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mitInterface parameter at /goform/addressNat.	2022-12-20	7.5	CVE-2022-46543 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the cmdinput parameter at /goform/exeCommand.	2022-12-20	7.5	CVE-2022-46544 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.	2022-12-20	7.5	CVE-2022-46545 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/RouteStatic.	2022-12-20	7.5	CVE-2022-46546 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/VirtualSer.	2022-12-20	7.5	CVE-2022-46547 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/DhcpListClient.	2022-12-20	7.5	CVE-2022-46548 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/saveParentControlInfo.	2022-12-20	7.5	CVE-2022-46549 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the urls parameter at /goform/saveParentControlInfo.	2022-12-20	7.5	CVE-2022-46550 MISC
tenda — f1203_firmware	Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the time parameter at /goform/saveParentControlInfo.	2022-12-20	7.5	CVE-2022-46551 MISC
drachtio — drachtio-server	An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a long message in a TCP request that leads to std::length_error.	2022-12-18	7.5	CVE-2022-47515 MISC MISC
drachtio — drachtio-server	An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that leads to a failure of the libsofia-sip-ua/tport/tport.c self assertion.	2022-12-18	7.5	CVE-2022-47516 MISC MISC
drachtio — drachtio-server	An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that causes a url_canonize2 heap-based buffer over-read because of an off-by-one error.	2022-12-18	7.5	CVE-2022-47517 MISC MISC MISC
google — android	In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219265339References: N/A	2022-12-16	7.2	CVE-2022-20603 MISC
vmware — vrealize_operations	vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.	2022-12-16	7.2	CVE-2022-31707 MISC
aerocms_project — aerocms	In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upload webshell and control the web server.	2022-12-16	7.2	CVE-2022-46135 MISC
ubi_reader_project — ubi_reader	A vulnerability, which was classified as problematic, has been found in UBI Reader up to 0.8.0. Affected by this issue is the function ubireader_extract_files of the file ubireader/ubifs/output.py of the component UBIFS File Handler. The manipulation leads to path traversal. The attack may be launched remotely. Upgrading to version 0.8.5 is able to address this issue. The name of the patch is d5d68e6b1b9f7070c29df5f67fc060f579ae9139. It is recommended to upgrade the affected component. VDB-216146 is the identifier assigned to this vulnerability.	2022-12-17	7.1	CVE-2022-4572 MISC MISC MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.	2022-12-18	7.1	CVE-2022-47520 MISC MISC MLIST

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
paxtechnology — paydroid	PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 was discovered to be vulnerable to command injection.	2022-12-16	6.8	CVE-2022-26580 MISC
paxtechnology — paydroid	The ADB daemon in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows the execution of the systool utility in production mode, allowing unauthenticated attackers to perform privileged actions.	2022-12-16	6.8	CVE-2022-26581 MISC
ibm — spectrum_scale	IBM Spectrum Scale 5.1 could allow users with permissions to create pod, persistent volume and persistent volume claim to access files and directories outside of the volume, including on the host filesystem. IBM X-Force ID: 235740.	2022-12-19	6.8	CVE-2022-40607 MISC MISC
google — android	In multiple locations of DreamManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and dismissal of system dialogs with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-225878553	2022-12-16	6.7	CVE-2022-20504 MISC
google — android	In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitationProduct: AndroidVersions: Android-13Android ID: A-225981754	2022-12-16	6.7	CVE-2022-20505 MISC
google — android	In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244713317	2022-12-16	6.7	CVE-2022-20509 MISC
google — android	In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245727875	2022-12-16	6.7	CVE-2022-20514 MISC
google — android	In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291425	2022-12-16	6.7	CVE-2022-20539 MISC
google — android	In getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240266798	2022-12-16	6.7	CVE-2022-20546 MISC
google — android	In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242702451	2022-12-16	6.7	CVE-2022-20549 MISC
google — android	In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245770596	2022-12-16	6.7	CVE-2022-20554 MISC
google — android	In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-247092734	2022-12-16	6.7	CVE-2022-20557 MISC
google — android	In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242067561References: N/A	2022-12-16	6.7	CVE-2022-20563 MISC
google — android	In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243798789References: N/A	2022-12-16	6.7	CVE-2022-20564 MISC
google — android	In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-229258234References: N/A	2022-12-16	6.7	CVE-2022-20569 MISC
google — android	In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234030265References: Upstream kernel	2022-12-16	6.7	CVE-2022-20571 MISC
google — android	In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel	2022-12-16	6.7	CVE-2022-20572 MISC
google — android	In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239701761References: N/A	2022-12-16	6.7	CVE-2022-20576 MISC
google — android	In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762281References: N/A	2022-12-16	6.7	CVE-2022-20577 MISC
google — android	In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509749References: N/A	2022-12-16	6.7	CVE-2022-20578 MISC
google — android	In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243510139References: N/A	2022-12-16	6.7	CVE-2022-20579 MISC
google — android	In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243629453References: N/A	2022-12-16	6.7	CVE-2022-20580 MISC
google — android	In the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-245916120References: N/A	2022-12-16	6.7	CVE-2022-20581 MISC
google — android	In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in S-EL1 with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234859169References: N/A	2022-12-16	6.7	CVE-2022-20583 MISC
google — android	In sysmmu_map of sysmmu.c, there is a possible EoP due to a precondition check failure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238785915References: N/A	2022-12-16	6.7	CVE-2022-20588 MISC
google — android	In updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239567689References: N/A	2022-12-16	6.7	CVE-2022-20594 MISC
google — android	In sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700400References: N/A	2022-12-16	6.7	CVE-2022-20596 MISC
google — android	In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332706References: N/A	2022-12-16	6.7	CVE-2022-20599 MISC
broadcom — symantec_identity_governance_and_administration	An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4	2022-12-16	6.7	CVE-2022-25627 MISC
google — android	In HexString2Value of util.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231403References: N/A	2022-12-16	6.7	CVE-2022-42501 MISC
google — android	In FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231970References: N/A	2022-12-16	6.7	CVE-2022-42502 MISC
google — android	In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231983References: N/A	2022-12-16	6.7	CVE-2022-42503 MISC
google — android	In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232209References: N/A	2022-12-16	6.7	CVE-2022-42504 MISC
google — android	In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232492References: N/A	2022-12-16	6.7	CVE-2022-42505 MISC
google — android	In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388399References: N/A	2022-12-16	6.7	CVE-2022-42506 MISC
google — android	In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388774References: N/A	2022-12-16	6.7	CVE-2022-42507 MISC
google — android	In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388966References: N/A	2022-12-16	6.7	CVE-2022-42508 MISC
google — android	In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241544307References: N/A	2022-12-16	6.7	CVE-2022-42509 MISC
google — android	In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762656References: N/A	2022-12-16	6.7	CVE-2022-42510 MISC
google — android	In EmbmsSessionData::encode of embmsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762712References: N/A	2022-12-16	6.7	CVE-2022-42511 MISC
google — android	In ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763204References: N/A	2022-12-16	6.7	CVE-2022-42513 MISC
google — android	In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242536278References: N/A	2022-12-16	6.7	CVE-2022-42518 MISC
google — android	In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242540694References: N/A	2022-12-16	6.7	CVE-2022-42519 MISC
google — android	In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242994270References: N/A	2022-12-16	6.7	CVE-2022-42520 MISC
google — android	In encode of wlandata.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130019References: N/A	2022-12-16	6.7	CVE-2022-42521 MISC
google — android	In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243376893References: N/A	2022-12-16	6.7	CVE-2022-42523 MISC
google — android	In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509750References: N/A	2022-12-16	6.7	CVE-2022-42525 MISC
google — android	In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509880References: N/A	2022-12-16	6.7	CVE-2022-42526 MISC
google — android	In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231445184	2022-12-16	6.7	CVE-2022-42542 MISC
apache — zeppelin	The improper Input Validation vulnerability in “”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.	2022-12-16	6.5	CVE-2021-28655 MISC
google — android	In onCreate of LogAccessDialogActivity.java, there is a possible way to bypass a permission check due to a tapjacking/overlay attack. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244155265	2022-12-16	6.5	CVE-2022-20553 MISC
datadoghq — guarddog	GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpack_archive() from a potentially malicious tarball without validating that the destination file path is within the intended destination directory can cause files outside the destination directory to be overwritten. This issue is patched in version 0.1.8. Potential workarounds include using a safer module, like zipfile, and validating the location of the extracted files and discarding those with malicious paths.	2022-12-16	6.5	CVE-2022-23530 MISC MISC MISC
wpwax — directorist	The Directorist WordPress plugin before 7.4.4 does not prevent users with low privileges (like subscribers) from accessing sensitive system information.	2022-12-19	6.5	CVE-2022-3961 MISC
genetechsolutions — pie_register	The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users (along with their posts)	2022-12-19	6.5	CVE-2022-4024 MISC
cedcommerce — smsa_shipping_for_woocommerce	The SMSA Shipping for WooCommerce WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks, as well as does not validate the file to be downloaded, allowing any authenticated users, such as subscriber to download arbitrary file from the server	2022-12-19	6.5	CVE-2022-4107 MISC
adobe — campaign	Adobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.	2022-12-16	6.5	CVE-2022-42343 MISC
clickstudios — passwordstate	A vulnerability has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as problematic. This vulnerability affects unknown code. The manipulation leads to insufficiently protected credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-216274 is the identifier assigned to this vulnerability.	2022-12-19	6.5	CVE-2022-4612 N/A N/A N/A
clickstudios — passwordstate	A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as critical. This issue affects some unknown processing of the component Browser Extension Provisioning. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216275.	2022-12-19	6.5	CVE-2022-4613 N/A N/A N/A
google — android	In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel	2022-12-16	6.4	CVE-2022-20567 MISC
as_project — as	A vulnerability classified as problematic was found in as. This vulnerability affects the function getFullURL of the file include.cdn.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 4acad1e3d2c34c017473ceea442fb3e3e078b2bd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216208.	2022-12-18	6.1	CVE-2021-4251 N/A N/A
wp-ban_project — wp-ban	A vulnerability, which was classified as problematic, has been found in WP-Ban. This issue affects the function toggle_checkbox of the file ban-options.php. The manipulation of the argument $_SERVER[“HTTP_USER_AGENT”] leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76. It is recommended to apply a patch to fix this issue. The identifier VDB-216209 was assigned to this vulnerability.	2022-12-18	6.1	CVE-2021-4252 N/A N/A N/A
ctrlo — lenio	A vulnerability, which was classified as problematic, was found in ctrlo lenio. Affected is an unknown function in the library lib/Lenio.pm of the component Ticket Handler. The manipulation of the argument site_id leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 7a1f90bd2a0ce95b8338ec0926902da975ec64d9. It is recommended to apply a patch to fix this issue. VDB-216210 is the identifier assigned to this vulnerability.	2022-12-18	6.1	CVE-2021-4253 N/A N/A
ctrlo — lenio	A vulnerability has been found in ctrlo lenio and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/layouts/main.tt of the component Notice Handler. The manipulation of the argument notice.notice.text leads to cross site scripting. The attack can be launched remotely. The name of the patch is aa300555343c1c081951fcb68bfb6852fbba7451. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216211.	2022-12-18	6.1	CVE-2021-4254 N/A N/A
ctrlo — lenio	A vulnerability was found in ctrlo lenio and classified as problematic. Affected by this issue is some unknown functionality of the file views/contractor.tt. The manipulation of the argument contractor.name leads to cross site scripting. The attack may be launched remotely. The name of the patch is e1646d5cd0a2fbab9eb505196dd2ca1c9e4cdd97. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216212.	2022-12-18	6.1	CVE-2021-4255 N/A N/A
ctrlo — lenio	A vulnerability was found in ctrlo lenio. It has been classified as problematic. This affects an unknown part of the file views/index.tt. The manipulation of the argument task.name/task.site.org.name leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is e1646d5cd0a2fbab9eb505196dd2ca1c9e4cdd97. It is recommended to apply a patch to fix this issue. The identifier VDB-216213 was assigned to this vulnerability.	2022-12-18	6.1	CVE-2021-4256 N/A N/A
ctrlo — lenio	A vulnerability was found in ctrlo lenio. It has been declared as problematic. This vulnerability affects unknown code of the file views/task.tt of the component Task Handler. The manipulation of the argument site.org.name/check.name/task.tasktype.name/task.name leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 698c5fa465169d6f23c6a41ca4b1fc9a7869013a. It is recommended to apply a patch to fix this issue. VDB-216214 is the identifier assigned to this vulnerability.	2022-12-18	6.1	CVE-2021-4257 N/A N/A
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	6.1	CVE-2022-30679 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	6.1	CVE-2022-35694 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	6.1	CVE-2022-35696 MISC
emby — emby	In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account.	2022-12-16	6.1	CVE-2022-36223 MISC
hcltech — hcl_digital_experience	In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.	2022-12-19	6.1	CVE-2022-38662 MISC
ibm — cognos_analytics	IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 235064.	2022-12-19	6.1	CVE-2022-39160 MISC MISC
apache — traffic_server	Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions.	2022-12-19	6.1	CVE-2022-40743 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	6.1	CVE-2022-42360 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	6.1	CVE-2022-42366 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	6.1	CVE-2022-42367 MISC
alinto — sogo	A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _migrateMailIdentities of the file SoObjects/SOGo/SOGoUserDefaults.m of the component Identity Handler. The manipulation of the argument fullName leads to cross site scripting. The attack may be launched remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is efac49ae91a4a325df9931e78e543f707a0f8e5e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215960.	2022-12-16	6.1	CVE-2022-4556 MISC MISC MISC
alinto — sogo	A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is 1e0f5f00890f751e84d67be4f139dd7f00faa5f3. It is recommended to upgrade the affected component. The identifier VDB-215961 was assigned to this vulnerability.	2022-12-16	6.1	CVE-2022-4558 MISC MISC MISC
inex — ixp_manager	A vulnerability was found in INEX IPX-Manager up to 6.2.0. It has been declared as problematic. This vulnerability affects unknown code of the file resources/views/customer/list.foil.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.3.0 is able to address this issue. The name of the patch is bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243. It is recommended to upgrade the affected component. VDB-215962 is the identifier assigned to this vulnerability.	2022-12-16	6.1	CVE-2022-4559 MISC MISC MISC
joget — joget_dx	A vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 7.0.32 is able to address this issue. The name of the patch is ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215963.	2022-12-16	6.1	CVE-2022-4560 MISC MISC MISC
mediawiki — semantic_drilldown	A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6e18cf740a4548166c1d95f6d3a28541d298a3aa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215964.	2022-12-16	6.1	CVE-2022-4561 MISC MISC
mind-map_project — mind-map	A vulnerability was found in 1j01 mind-map and classified as problematic. This issue affects some unknown processing of the file app.coffee. The manipulation of the argument html leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 9617e6084dfeccd92079ab4d7f439300a4b24394. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216167.	2022-12-17	6.1	CVE-2022-4581 N/A N/A
starter-public-edition-4_project — starter-public-edition-4	A vulnerability was found in starter-public-edition-4 up to 4.6.10. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.6.11 is able to address this issue. The name of the patch is 2606983c20f6ea3430ac4b36b3d2e88aafef45da. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216168.	2022-12-17	6.1	CVE-2022-4582 N/A N/A N/A
oc-server3_project — oc-server3	A vulnerability classified as problematic has been found in Opencaching Deutschland oc-server3. This affects an unknown part of the file htdocs/templates2/ocstyle/start.tpl of the component Cookie Handler. The manipulation of the argument usercountryCode leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is c720f2777a452186c67ef30db3679dd409556544. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216171.	2022-12-17	6.1	CVE-2022-4585 N/A N/A N/A
oc-server3_project — oc-server3	A vulnerability classified as problematic was found in Opencaching Deutschland oc-server3. This vulnerability affects unknown code of the file htdocs/templates2/ocstyle/cachelists.tpl of the component Cachelist Handler. The manipulation of the argument name_filter/by_filter leads to cross site scripting. The attack can be initiated remotely. The name of the patch is a9f79c7da78cd24a7ef1d298e6bc86006972ea73. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216172.	2022-12-17	6.1	CVE-2022-4586 N/A N/A N/A
bostonsleep — slice	A vulnerability, which was classified as problematic, was found in Boston Sleep slice up to 84.1.x. Affected is an unknown function of the component Layout Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 84.2.0 is able to address this issue. The name of the patch is 6523bb17d889e2ab13d767f38afefdb37083f1d0. It is recommended to upgrade the affected component. VDB-216174 is the identifier assigned to this vulnerability.	2022-12-17	6.1	CVE-2022-4588 N/A N/A MISC
django_terms_and_conditions_project — django_terms_and_conditions	A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.9 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 2.0.10 is able to address this issue. The name of the patch is 03396a1c2e0af95e12a45c5faef7e47a4b513e1a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216175.	2022-12-17	6.1	CVE-2022-4589 N/A N/A N/A MISC
toto_project — toto	A vulnerability was found in mschaef toto up to 1.4.20. It has been classified as problematic. This affects an unknown part of the component Todo List Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.21 is able to address this issue. The name of the patch is fdc825ac5249f40683377e8a526a06cdc6870125. It is recommended to upgrade the affected component. The identifier VDB-216177 was assigned to this vulnerability.	2022-12-17	6.1	CVE-2022-4590 N/A N/A N/A
toto_project — toto	A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able to address this issue. The name of the patch is 1f27f37c1a06f54a76971f70eaa6139dc139bdf9. It is recommended to upgrade the affected component. VDB-216178 is the identifier assigned to this vulnerability.	2022-12-17	6.1	CVE-2022-4591 N/A N/A N/A
retra-system_project — retra-system	A vulnerability was found in retra-system. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is a6d94ab88f4a6f631a14c59b72461140fb57ae1f. It is recommended to apply a patch to fix this issue. VDB-216186 is the identifier assigned to this vulnerability.	2022-12-18	6.1	CVE-2022-4593 N/A N/A
django-openipam_project — django-openipam	A vulnerability classified as problematic has been found in django-openipam. This affects an unknown part of the file openipam/report/templates/report/exposed_hosts.html. The manipulation of the argument description leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is a6223a1150d60cd036106ba6a8e676c1bfc3cc85. It is recommended to apply a patch to fix this issue. The identifier VDB-216189 was assigned to this vulnerability.	2022-12-18	6.1	CVE-2022-4595 N/A N/A N/A
open-emr — openemr	Cross-site Scripting (XSS) – Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.	2022-12-19	6.1	CVE-2022-4615 CONFIRM MISC
microweber — microweber	Cross-site Scripting (XSS) – Reflected in GitHub repository microweber/microweber prior to 1.3.2.	2022-12-21	6.1	CVE-2022-4617 CONFIRM MISC
jacic — electronic_bidding_core_system	Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.	2022-12-19	6.1	CVE-2022-46287 MISC MISC
jacic — electronic_bidding_core_system	Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.	2022-12-19	6.1	CVE-2022-46288 MISC MISC
microweber — microweber	Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.3.2.	2022-12-22	6.1	CVE-2022-4647 MISC CONFIRM
rockwellautomation — micrologix_1400_firmware	Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website.	2022-12-16	6.1	CVE-2022-46670 MISC
apache — helix	URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4. Solution: removed the the forward component since it was improper designed for UI embedding. User please upgrade to 1.1.0 to fix this issue.	2022-12-19	6.1	CVE-2022-47500 MISC
paxtechnology — paydroid	PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root privileged attackers to install an unsigned application by copying the APK to /data/app, setting the appropriate permissions and rebooting the device.	2022-12-16	6	CVE-2022-26579 MISC
trellix — endpoint_security	Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.	2022-12-16	6	CVE-2022-4326 MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll. The attacker had to be a meeting presenter. This issue is patched in version 2.4.0. There are no workarounds.	2022-12-16	5.7	CVE-2022-41964 MISC MISC
google — android	In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199291025	2022-12-16	5.5	CVE-2022-20199 MISC
google — android	In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235822336	2022-12-16	5.5	CVE-2022-20510 MISC
google — android	In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235821829	2022-12-16	5.5	CVE-2022-20511 MISC
google — android	In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244569759	2022-12-16	5.5	CVE-2022-20513 MISC
google — android	In onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve protected files from the Settings app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220733496	2022-12-16	5.5	CVE-2022-20515 MISC
google — android	In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224769956	2022-12-16	5.5	CVE-2022-20517 MISC
google — android	In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770203	2022-12-16	5.5	CVE-2022-20518 MISC
google — android	In IncFs_GetFilledRangesStartingFrom of incfs.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-228222508	2022-12-16	5.5	CVE-2022-20523 MISC
google — android	In HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC firmware with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229994861	2022-12-16	5.5	CVE-2022-20527 MISC
google — android	In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235601770	2022-12-16	5.5	CVE-2022-20538 MISC
google — android	In btif_a2dp_sink_command_ready of btif_a2dp_sink.cc, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-243922806	2022-12-16	5.5	CVE-2022-20552 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-230660904References: N/A	2022-12-16	5.5	CVE-2022-20570 MISC
google — android	In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237582191References: N/A	2022-12-16	5.5	CVE-2022-20574 MISC
google — android	In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237585040References: N/A	2022-12-16	5.5	CVE-2022-20575 MISC
google — android	In valid_va_sec_mfc_check of drm_access_control.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238932493References: N/A	2022-12-16	5.5	CVE-2022-20590 MISC
google — android	In ppmpu_set of ppmpu.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238939706References: N/A	2022-12-16	5.5	CVE-2022-20591 MISC
google — android	In ppmp_validate_secbuf of drm_fw.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238976908References: N/A	2022-12-16	5.5	CVE-2022-20592 MISC
google — android	In SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-230463606References: N/A	2022-12-16	5.5	CVE-2022-20604 MISC
google — android	In Pixel cellular firmware, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239239246References: N/A	2022-12-16	5.5	CVE-2022-20608 MISC
google — android	In Pixel cellular firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239240808References: N/A	2022-12-16	5.5	CVE-2022-20609 MISC
google — android	In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770183	2022-12-16	5.5	CVE-2022-42535 MISC
adobe — illustrator	Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-12-16	5.5	CVE-2022-44498 MISC
adobe — illustrator	Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-12-16	5.5	CVE-2022-44499 MISC
adobe — illustrator	Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-12-16	5.5	CVE-2022-44500 MISC
adobe — illustrator	Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-12-16	5.5	CVE-2022-44502 MISC
clickstudios — passwordstate	A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216272.	2022-12-19	5.5	CVE-2022-4610 N/A N/A N/A
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-35693 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-35695 MISC
solarwinds — serv-u	This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.	2022-12-16	5.4	CVE-2022-38106 MISC MISC MISC
hcltech — digital_experience	In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded.	2022-12-19	5.4	CVE-2022-38653 MISC
noorsplugin — easy_video_player	The Easy Video Player WordPress plugin before 1.2.2.3 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.	2022-12-19	5.4	CVE-2022-3937 MISC
noorsplugin — checkout_for_paypal	The Checkout for PayPal WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks	2022-12-19	5.4	CVE-2022-3983 MISC
wphowto — flowplayer_video_player	The Flowplayer Video Player WordPress plugin before 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks	2022-12-19	5.4	CVE-2022-3984 MISC
wphowto — videojs_html5_player	The Videojs HTML5 Player WordPress plugin before 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks	2022-12-19	5.4	CVE-2022-3985 MISC
noorsplugin — wp_stripe_checkout	The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks	2022-12-19	5.4	CVE-2022-3986 MISC
noorsplugin — responsive_lightbox2	The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks	2022-12-19	5.4	CVE-2022-3987 MISC
10web — photo_gallery	The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control.	2022-12-19	5.4	CVE-2022-4058 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42345 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42346 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42348 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42349 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42350 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42352 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42354 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42356 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42357 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42362 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42364 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-42365 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-44462 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-44463 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-44465 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-44466 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-44467 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-44468 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-44469 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-44470 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-44471 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-44473 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-19	5.4	CVE-2022-44474 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.	2022-12-19	5.4	CVE-2022-44488 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-22	5.4	CVE-2022-44510 MISC
oc-server3_project — oc-server3	A vulnerability, which was classified as problematic, has been found in Opencaching Deutschland oc-server3. This issue affects some unknown processing of the file htdocs/templates2/ocstyle/login.tpl of the component Login Page. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 3296ebd61e7fe49e93b5755d5d7766d6e94a7667. It is recommended to apply a patch to fix this issue. The identifier VDB-216173 was assigned to this vulnerability.	2022-12-17	5.4	CVE-2022-4587 N/A N/A N/A
shoplazza — lifestyle	A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-216191.	2022-12-18	5.4	CVE-2022-4596 N/A N/A N/A
shoplazza — lifestyle	A vulnerability, which was classified as problematic, was found in Shoplazza LifeStyle 1.1. Affected is an unknown function of the file /admin/api/admin/v2_products of the component Create Product Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216192.	2022-12-18	5.4	CVE-2022-4597 N/A N/A N/A
shoplazza — lifestyle	A vulnerability has been found in Shoplazza LifeStyle 1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/api/theme-edit/ of the component Announcement Handler. The manipulation of the argument Text/Mobile Text leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-216193 was assigned to this vulnerability.	2022-12-18	5.4	CVE-2022-4598 N/A N/A N/A
shoplazza — lifestyle	A vulnerability was found in Shoplazza LifeStyle 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/api/theme-edit/ of the component Product Handler. The manipulation of the argument Subheading/Heading/Text/Button Text/Label leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216194 is the identifier assigned to this vulnerability.	2022-12-18	5.4	CVE-2022-4599 N/A N/A N/A
shoplazza — lifestyle	A vulnerability was found in Shoplazza LifeStyle 1.1. It has been classified as problematic. This affects an unknown part of the file /admin/api/theme-edit/ of the component Product Carousel Handler. The manipulation of the argument Heading/Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-216195.	2022-12-18	5.4	CVE-2022-4600 N/A N/A N/A
shoplazza — lifestyle	A vulnerability was found in Shoplazza LifeStyle 1.1. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/api/theme-edit/ of the component Shipping/Member Discount/Icon. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216196.	2022-12-18	5.4	CVE-2022-4601 N/A N/A N/A
shoplazza — lifestyle	A vulnerability was found in Shoplazza LifeStyle 1.1. It has been rated as problematic. This issue affects some unknown processing of the file /admin/api/theme-edit/ of the component Review Flow Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-216197 was assigned to this vulnerability.	2022-12-18	5.4	CVE-2022-4602 N/A N/A N/A
flatpress — flatpress	Cross-site Scripting (XSS) – Stored in GitHub repository flatpressblog/flatpress prior to 1.3.	2022-12-18	5.4	CVE-2022-4605 MISC CONFIRM
usememos — memos	Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.0.	2022-12-19	5.4	CVE-2022-4609 MISC CONFIRM
znote — znote	Cross-site Scripting (XSS) – Stored in GitHub repository alagrede/znote-app prior to 1.7.11.	2022-12-19	5.4	CVE-2022-4614 CONFIRM MISC
apache — zeppelin	An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary javascript in other users’ browsers. This issue affects Apache Zeppelin before 0.8.2. Users are recommended to upgrade to a supported version of Zeppelin.	2022-12-16	5.4	CVE-2022-46870 MISC
google — android	In strings.xml, there is a possible permission bypass due to a misleading string. This could lead to remote information disclosure of call logs with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231585645	2022-12-16	5.3	CVE-2022-20530 MISC
broadcom — symantec_identity_governance_and_administration	An unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session.	2022-12-16	5.3	CVE-2022-25626 MISC
apache — traffic_server	Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.	2022-12-19	5.3	CVE-2022-37392 MISC
ibm — cognos_analytics	IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to sensitive information exposure by passing API keys to log files. If these keys contain sensitive information, it could lead to further attacks. IBM X-Force ID: 240450.	2022-12-19	5.3	CVE-2022-43887 MISC MISC
wpvar — wp_shamsi	The WP Shamsi plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the deactivate() function hooked via init() in versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to deactivate arbitrary plugins on the site. This can be used to deactivate security plugins that aids in exploiting other vulnerabilities.	2022-12-16	5.3	CVE-2022-4555 MISC MISC
clickstudios — passwordstate	A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216273 was assigned to this vulnerability.	2022-12-19	5.3	CVE-2022-4611 N/A N/A
huawei — harmonyos	The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone’s camera and microphone.	2022-12-20	5.3	CVE-2022-46313 MISC
huawei — harmonyos	The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.	2022-12-20	5.3	CVE-2022-46318 MISC MISC
google — android	In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203684	2022-12-16	5	CVE-2022-20521 MISC
google — android	In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233230674References: N/A	2022-12-16	4.9	CVE-2022-20606 MISC
vmware — vrealize_operations	vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.	2022-12-16	4.9	CVE-2022-31708 MISC
ibm — security_guardium	IBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.	2022-12-20	4.9	CVE-2022-39166 MISC MISC
cedcommerce — wholesale_market_for_woocommerce	The Wholesale Market for WooCommerce WordPress plugin before 1.0.8 does not validate user input used to generate system path, allowing high privilege users such as admin to download arbitrary file from the server even when they should not be able to (for example in multisite)	2022-12-19	4.9	CVE-2022-4108 MISC
external_media_project — external_media	The External Media WordPress plugin before 1.0.36 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-19	4.8	CVE-2022-3832 MISC
vms-studio — quizlord	The Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-19	4.8	CVE-2022-4112 MISC
google — android	In onOptionsItemSelected of ManageApplications.java, there is a possible bypass of profile owner restrictions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238745070	2022-12-16	4.4	CVE-2022-20544 MISC
google — android	In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246194233	2022-12-16	4.4	CVE-2022-20555 MISC
google — android	In valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238841928References: N/A	2022-12-16	4.4	CVE-2022-20589 MISC
google — android	In pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239415809References: N/A	2022-12-16	4.4	CVE-2022-20593 MISC
google — android	In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700137References: N/A	2022-12-16	4.4	CVE-2022-20595 MISC
google — android	In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763050References: N/A	2022-12-16	4.4	CVE-2022-42512 MISC
google — android	In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763298References: N/A	2022-12-16	4.4	CVE-2022-42514 MISC
google — android	In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A	2022-12-16	4.4	CVE-2022-42515 MISC
google — android	In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763577References: N/A	2022-12-16	4.4	CVE-2022-42516 MISC
google — android	In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763682References: N/A	2022-12-16	4.4	CVE-2022-42517 MISC
google — android	In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130038References: N/A	2022-12-16	4.4	CVE-2022-42522 MISC
google — android	In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242331893References: N/A	2022-12-16	4.4	CVE-2022-42530 MISC
google — android	In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332610References: N/A	2022-12-16	4.4	CVE-2022-42532 MISC
google — android	In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-249998113References: N/A	2022-12-16	4.4	CVE-2022-42543 MISC
ibm — aix	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user with elevated privileges to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 238641.	2022-12-20	4.4	CVE-2022-43382 MISC MISC
mozilla — firefox	If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>This bug only affects Firefox for Android. Other operating systems are unaffected.<br>Note: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.	2022-12-22	4.3	CVE-2021-4221 MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4.0 expose sensitive information to Unauthorized Actors. This issue affects meetings with polls, where the attacker is a meeting participant. Subscribing to the current-poll collection does not update the client UI, but does give the attacker access to the contents of the collection, which include the individual poll responses. This issue is patched in version 2.4.0. There are no workarounds.	2022-12-16	4.3	CVE-2022-23490 MISC MISC
microfocus — groupwise	A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.	2022-12-16	4.3	CVE-2022-38756 MISC
popup_manager_project — popup_manager	The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them	2022-12-19	4.3	CVE-2022-4124 MISC
popup_manager_project — popup_manager	The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF check when creating/updating popups, and is missing sanitisation as well as escaping, which could allow unauthenticated attackers to create arbitrary popups and add Stored XSS payloads as well	2022-12-19	4.3	CVE-2022-4125 MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4.3, are subject to Insufficient Verification of Data Authenticity, resulting in Denial of Service. An attacker can make a Meteor call to `validateAuthToken` using a victim’s userId, meetingId, and an invalid authToken. This forces the victim to leave the conference, because the resulting verification failure is also observed and handled by the victim’s client. The attacker must be a participant in any meeting on the server. This issue is patched in version 2.4.3. There are no workarounds.	2022-12-16	4.3	CVE-2022-41960 MISC MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered users from the same extId. This issue has been fixed by improving permissions such that banning a user removes all users related to their extId, including registered users that have not joined the meeting. This issue is patched in versions 2.4-rc-6 and 2.5-alpha-1. There are no workarounds.	2022-12-16	4.3	CVE-2022-41961 MISC MISC MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to disclose low level confidentiality information. Exploitation of this issue does not require user interaction.	2022-12-16	4.3	CVE-2022-42351 MISC
google — android	In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238083126	2022-12-16	4.2	CVE-2022-20541 MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
google — android	In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224772678	2022-12-16	3.3	CVE-2022-20519 MISC
google — android	In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229742768	2022-12-16	3.3	CVE-2022-20525 MISC
google — android	In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229742774	2022-12-16	3.3	CVE-2022-20526 MISC
google — android	In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230172711	2022-12-16	3.3	CVE-2022-20528 MISC
google — android	In placeCall of TelecomManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231988638	2022-12-16	3.3	CVE-2022-20531 MISC
google — android	In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-232798363	2022-12-16	3.3	CVE-2022-20533 MISC
google — android	In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233605242	2022-12-16	3.3	CVE-2022-20535 MISC
google — android	In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235100180	2022-12-16	3.3	CVE-2022-20536 MISC
google — android	In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235601169	2022-12-16	3.3	CVE-2022-20537 MISC
google — android	In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246301667	2022-12-16	3.3	CVE-2022-20556 MISC
google — android	In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236264289	2022-12-16	3.3	CVE-2022-20558 MISC
google — android	In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-219739967	2022-12-16	3.3	CVE-2022-20559 MISC
google — android	In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231630423References: N/A	2022-12-16	3.3	CVE-2022-20562 MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4.3 contain a whiteboard grace period that exists to handle delayed messages, but this grace period could be used by attackers to take actions in the few seconds after their access is revoked. The attacker must be a meeting participant. This issue is patched in version 2.4.3 an version 2.5-alpha-1	2022-12-16	3.1	CVE-2022-41963 MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6, and 2.5-alpha-1 contain Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users. Moderators should only be able to set none as the status of other users. This issue is patched in 2.4-rc-6 and 2.5-alpha-1There are no workarounds.	2022-12-16	2.7	CVE-2022-41962 MISC MISC MISC
google — android	In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231583603	2022-12-16	2.4	CVE-2022-20529 MISC
google — android	In multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238178261	2022-12-16	2.3	CVE-2022-20543 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
mozilla — multiple_products	An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that URL, and obtain authenticated access as that user. This issue is limited to cases where attacker and victim are sharing the same source IP and could allow the ability to view session states and disconnect VPN sessions. This vulnerability affects Mozilla VPN iOS 1.0.7 < (929), Mozilla VPN Windows < 1.2.2, and Mozilla VPN Android 1.1.0 < (1360).	2022-12-22	not yet calculated	CVE-2020-15679 MISC MISC MISC MISC
mozilla — thunderbird	During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.	2022-12-22	not yet calculated	CVE-2020-15685 MISC MISC
is.js — is.js	is.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). is.js uses a regex copy-pasted from a gist to validate URLs. Trying to validate a malicious string can cause the regex to loop â€œforever.” This vulnerability was found using a CodeQL query which identifies inefficient regular expressions. is.js has no patch for this issue.	2022-12-22	not yet calculated	CVE-2020-26302 CONFIRM MISC
furqan — furqan	A vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). It is possible to launch the attack remotely. The name of the patch is 46ccc2aee8d063c7b6b4dee2c2834113b7286076. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216252.	2022-12-19	not yet calculated	CVE-2020-36618 N/A N/A N/A
multimon-ng — multimon-ng	A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function add_ch of the file demod_flex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability.	2022-12-19	not yet calculated	CVE-2020-36619 N/A N/A N/A N/A
brondahl — enumstringvalues	A vulnerability was found in Brondahl EnumStringValues up to 4.0.0. It has been declared as problematic. This vulnerability affects the function GetStringValuesWithPreferences_Uncache of the file EnumStringValues/EnumExtensions.cs. The manipulation leads to resource consumption. Upgrading to version 4.0.1 is able to address this issue. The name of the patch is c0fc7806beb24883cc2f9543ebc50c0820297307. It is recommended to upgrade the affected component. VDB-216466 is the identifier assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2020-36620 N/A N/A MISC
chedabob — whatismyudid	A vulnerability, which was classified as problematic, has been found in chedabob whatismyudid. Affected by this issue is the function exports.enrollment of the file routes/mobileconfig.js. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is bb33d4325fba80e7ea68b79121dba025caf6f45f. It is recommended to apply a patch to fix this issue. VDB-216470 is the identifier assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2020-36621 N/A N/A
sah-comp — bienlein	A vulnerability was found in sah-comp bienlein and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is d7836a4f2b241e4745ede194f0f6fb47199cab6b. It is recommended to apply a patch to fix this issue. The identifier VDB-216473 was assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2020-36622 N/A N/A
pengu — pengu	A vulnerability was found in Pengu. It has been declared as problematic. Affected by this vulnerability is the function runApp of the file src/index.js. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The name of the patch is aea66f12b8cdfc3c8c50ad6a9c89d8307e9d0a91. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216475.	2022-12-21	not yet calculated	CVE-2020-36623 N/A N/A
ahorner — text-helpers	A vulnerability was found in ahorner text-helpers up to 1.0.x. It has been declared as critical. This vulnerability affects unknown code of the file lib/text_helpers/translation.rb. The manipulation of the argument link leads to use of web link to untrusted target with window.opener access. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The name of the patch is 184b60ded0e43c985788582aca2d1e746f9405a3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216520.	2022-12-22	not yet calculated	CVE-2020-36624 MISC MISC MISC MISC
activity_watch — activity_watch	Activity Watch is a free and open-source automated time tracker. Versions prior to 0.11.0 allow an attacker to execute arbitrary commands on any macOS machine with ActivityWatch running. The attacker can exploit this vulnerability by having the user visiting a website with the page title set to a malicious string. An attacker could use another application to accomplish the same, but the web browser is the most likely attack vector. This issue is patched in version 0.11.0. As a workaround, users can run the latest version of aw-watcher-window from source, or manually patch the `printAppTitle.scpt` file.	2022-12-23	not yet calculated	CVE-2021-32692 CONFIRM
openatom_foundation — openeuler	After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free).	2022-12-19	not yet calculated	CVE-2021-33640 MISC
beijing — baidunetdisk	Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.	2022-12-22	not yet calculated	CVE-2021-36631 MISC
mozilla — thunderbird	When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status. This vulnerability affects Thunderbird < 91.4.1.	2022-12-22	not yet calculated	CVE-2021-4126 MISC MISC
mozilla — multiple_products	An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9.	2022-12-22	not yet calculated	CVE-2021-4127 MISC MISC MISC
mozilla — firefox_for_macos	When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.<br>This bug only affects Firefox on MacOS. Other operating systems are unaffected.. This vulnerability affects Firefox < 95.	2022-12-22	not yet calculated	CVE-2021-4128 MISC MISC
mozilla — multiple_products	Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 95, Firefox ESR < 91.4.0, and Thunderbird < 91.4.0.	2022-12-22	not yet calculated	CVE-2021-4129 MISC MISC MISC MISC
mozilla — multiple_products	It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2021-4140 MISC MISC MISC MISC
criego — active_attr	A vulnerability classified as problematic has been found in cgriego active_attr up to 0.15.2. This affects the function call of the file lib/active_attr/typecasting/boolean_typecaster.rb of the component Regex Handler. The manipulation of the argument value leads to denial of service. The exploit has been disclosed to the public and may be used. Upgrading to version 0.15.3 is able to address this issue. The name of the patch is dab95e5843b01525444b82bd7b336ef1d79377df. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216207.	2022-12-18	not yet calculated	CVE-2021-4250 N/A N/A N/A N/A MISC
phpredisadmin– phpredisadmin	A vulnerability was found in phpRedisAdmin up to 1.16.1. It has been classified as problematic. This affects the function authHttpDigest of the file includes/login.inc.php. The manipulation of the argument response leads to use of wrong operator in string comparison. Upgrading to version 1.16.2 is able to address this issue. The name of the patch is 31aa7661e6db6f4dffbf9a635817832a0a11c7d9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216267.	2022-12-19	not yet calculated	CVE-2021-4259 N/A N/A MISC
oils-js — oils-js	A vulnerability was found in oils-js. It has been declared as critical. This vulnerability affects unknown code of the file core/Web.js. The manipulation leads to open redirect. The attack can be initiated remotely. The name of the patch is fad8fbae824a7d367dacb90d56cb02c5cb999d42. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216268.	2022-12-19	not yet calculated	CVE-2021-4260 N/A N/A
platzhersh — pacman-canvas	A vulnerability classified as critical has been found in pacman-canvas up to 1.0.5. Affected is the function addHighscore of the file data/db-handler.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is 29522c90ca1cebfce6453a5af5a45281d99b0646. It is recommended to upgrade the affected component. VDB-216270 is the identifier assigned to this vulnerability.	2022-12-19	not yet calculated	CVE-2021-4261 N/A N/A N/A
laravel-jqgrid — laravel-jqgrid	A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is fbc2d94f43d0dc772767a5bdb2681133036f935e. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216271.	2022-12-19	not yet calculated	CVE-2021-4262 N/A N/A N/A
leanote — leanote	A vulnerability, which was classified as problematic, has been found in leanote. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The name of the patch is https:/github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2021-4263 N/A N/A
linkedin — dustjs	A vulnerability was found in LinkedIn dustjs up to 2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0 is able to address this issue. The name of the patch is ddb6523832465d38c9d80189e9de60519ac307c3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216464.	2022-12-21	not yet calculated	CVE-2021-4264 N/A N/A N/A N/A MISC MISC
siwapp — siwapp-ror	A vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216467.	2022-12-21	not yet calculated	CVE-2021-4265 N/A N/A N/A
webdetails — cpf	A vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java. The manipulation of the argument baseUrl leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 9.5.0.0-81 is able to address this issue. The name of the patch is 3bff900d228e8cae3af256b447c5d15bdb03c174. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216468.	2022-12-21	not yet calculated	CVE-2021-4266 N/A N/A N/A N/A
tad_discuss — tad_discuss	A vulnerability classified as problematic was found in tad_discuss. Affected by this vulnerability is an unknown functionality. The manipulation of the argument DiscussTitle leads to cross site scripting. The attack can be launched remotely. The name of the patch is af94d034ff8db642d05fd8788179eab05f433958. It is recommended to apply a patch to fix this issue. The identifier VDB-216469 was assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2021-4267 N/A N/A N/A
phpredisadmin– phpredisadmin	A vulnerability, which was classified as problematic, was found in phpRedisAdmin up to 1.17.3. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 1.18.0 is able to address this issue. The name of the patch is b9039adbb264c81333328faa9575ecf8e0d2be94. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216471.	2022-12-21	not yet calculated	CVE-2021-4268 N/A N/A N/A
simplerisk — simplerisk	A vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 20220306-001 is able to address this issue. The name of the patch is 591405b4ed160fbefc1dca1e55c5745079a7bb48. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216472.	2022-12-21	not yet calculated	CVE-2021-4269 N/A N/A N/A
imprint_cms — imprint_cms	A vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6140b140ccd02b5e4e7d6ba013ac1225724487f4. It is recommended to apply a patch to fix this issue. VDB-216474 is the identifier assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2021-4270 N/A N/A
w2wiki — w2wiki	A vulnerability was found in panicsteve w2wiki. It has been rated as problematic. Affected by this issue is the function toHTML of the file index.php of the component Markdown Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is 8f1d0470b4ddb1c7699e3308e765c11ed29542b6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216476.	2022-12-21	not yet calculated	CVE-2021-4271 N/A N/A
studygolang — studygolang	A vulnerability classified as problematic has been found in studygolang. This affects an unknown part of the file static/js/topics.js. The manipulation of the argument contentHtml leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 0fb30f9640bd5fa0cae58922eac6c00bb1a94391. It is recommended to apply a patch to fix this issue. The identifier VDB-216477 was assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2021-4272 N/A N/A
studygolang — studygolang	A vulnerability classified as problematic was found in studygolang. This vulnerability affects the function Search of the file http/controller/search.go. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 97ba556d42fa89dfaa7737e9cd3a8ddaf670bb23. It is recommended to apply a patch to fix this issue. VDB-216478 is the identifier assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2021-4273 N/A N/A N/A
sileht — bird-lg	A vulnerability, which was classified as problematic, has been found in sileht bird-lg. This issue affects some unknown processing of the file templates/layout.html. The manipulation of the argument request_args leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ef6b32c527478fefe7a4436e10b96ee28ed5b308. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216479.	2022-12-21	not yet calculated	CVE-2021-4274 N/A N/A N/A
pyambic-pentameter — pyambic-pentameter	A vulnerability, which was classified as problematic, was found in katlings pyambic-pentameter. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is 974f21aa1b2527ef39c8afe1a5060548217deca8. It is recommended to apply a patch to fix this issue. VDB-216498 is the identifier assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2021-4275 N/A N/A
sourcecodester — simple_client_management_system	A Stored Cross-site scripting (XSS) vulnerability via MAster.php in Sourcecodetester Simple Client Management System (SCMS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields.	2022-12-22	not yet calculated	CVE-2021-43657 MISC
harmonyos — harmonyos	The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.	2022-12-20	not yet calculated	CVE-2021-46856 MISC
mozilla — firefox	Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97.	2022-12-22	not yet calculated	CVE-2022-0511 MISC MISC
mozilla — vpn	Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1.	2022-12-22	not yet calculated	CVE-2022-0517 MISC MISC
mozilla — thunderbird	It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.	2022-12-22	not yet calculated	CVE-2022-0566 MISC MISC
mozilla — firefox	Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 98.	2022-12-22	not yet calculated	CVE-2022-0843 MISC MISC
mozilla — multiple_products	<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.	2022-12-22	not yet calculated	CVE-2022-1097 MISC MISC MISC MISC
mozilla — multiple_products	After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.	2022-12-22	not yet calculated	CVE-2022-1196 MISC MISC MISC
mozilla — thunderbird	When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn’t specify a revocation reason, were unaffected. This vulnerability affects Thunderbird < 91.8.	2022-12-22	not yet calculated	CVE-2022-1197 MISC MISC
mozilla — thunderbird	When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9.	2022-12-22	not yet calculated	CVE-2022-1520 MISC MISC
mozilla — multiple_products	An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.	2022-12-22	not yet calculated	CVE-2022-1529 MISC MISC
mozilla — multiple_products	If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.	2022-12-22	not yet calculated	CVE-2022-1802 MISC MISC
mozilla — thunderbird	When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker’s digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker’s email address was not visible. Because Thunderbird compared the invisible sender address with the signature’s email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This vulnerability affects Thunderbird < 91.10.	2022-12-22	not yet calculated	CVE-2022-1834 MISC MISC
mozilla — multiple_products	If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-2200 MISC MISC MISC MISC
mozilla — thunderbird	An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email’s date will be shown. If the dates were different, then Thunderbird didn’t report the email as having an invalid signature. If an attacker performed a replay attack, in which an old email with old contents are resent at a later time, it could lead the victim to believe that the statements in the email are current. Fixed versions of Thunderbird will require that the signature’s date roughly matches the displayed date of the email. This vulnerability affects Thunderbird < 102 and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-2226 MISC MISC
ibm — identity_manager	IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 224915.	2022-12-24	not yet calculated	CVE-2022-22449 MISC MISC
ibm — identity_manager	IBM Security Verify Governance, Identity Manager 10.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225004.	2022-12-22	not yet calculated	CVE-2022-22456 MISC MISC
ibm — identity_manager	IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007.	2022-12-22	not yet calculated	CVE-2022-22457 MISC MISC
ibm — identity_manager	IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. IBM X-Force ID: 225009.	2022-12-22	not yet calculated	CVE-2022-22458 MISC MISC
ibm — identity_manager	IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225007.	2022-12-22	not yet calculated	CVE-2022-22461 MISC MISC
mozilla — firefox	If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.<br>This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected.. This vulnerability affects Firefox < 96.	2022-12-22	not yet calculated	CVE-2022-22736 MISC MISC
mozilla — multiple_products	Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22737 MISC MISC MISC MISC
mozilla — multiple_products	Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22738 MISC MISC MISC MISC
mozilla — multiple_products	Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22739 MISC MISC MISC MISC
mozilla — multiple_products	Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22740 MISC MISC MISC MISC
mozilla — multiple_products	When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22741 MISC MISC MISC MISC
mozilla — multiple_products	When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22742 MISC MISC MISC MISC
mozilla — multiple_products	When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22743 MISC MISC MISC MISC
mozilla — multiple_products	The constructed curl command from the “Copy as curl” feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22744 MISC MISC MISC MISC
mozilla — multiple_products	Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22745 MISC MISC MISC MISC
mozilla — multiple_products	A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22746 MISC MISC MISC MISC
mozilla — multiple_products	After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22747 MISC MISC MISC MISC
mozilla — multiple_products	Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22748 MISC MISC MISC MISC
mozilla — firefox_for_android	When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.<br>This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 96.	2022-12-22	not yet calculated	CVE-2022-22749 MISC MISC
mozilla — multiple_products	By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.<br>This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.. This vulnerability affects Firefox < 96.	2022-12-22	not yet calculated	CVE-2022-22750 MISC MISC
mozilla — multiple_products	Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.	2022-12-22	not yet calculated	CVE-2022-22751 MISC MISC MISC MISC
mozilla — firefox	Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96.	2022-12-22	not yet calculated	CVE-2022-22752 MISC MISC
mozilla — multiple_products	A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.	2022-12-22	not yet calculated	CVE-2022-22753 MISC MISC MISC MISC
mozilla — multiple_products	If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.	2022-12-22	not yet calculated	CVE-2022-22754 MISC MISC MISC MISC
mozilla — firefox	By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97.	2022-12-22	not yet calculated	CVE-2022-22755 MISC MISC
mozilla — multiple_products	If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.	2022-12-22	not yet calculated	CVE-2022-22756 MISC MISC MISC MISC
mozilla — firefox	Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user’s browser to control it. <br>This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.. This vulnerability affects Firefox < 97.	2022-12-22	not yet calculated	CVE-2022-22757 MISC MISC
mozilla — firefox	When clicking on a tel: link, USSD codes, specified after a <code></code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user’s account, similar to a cross-site request forgery attack.<br>This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.	2022-12-22	not yet calculated	CVE-2022-22758 MISC MISC
mozilla — multiple_products	If a document created a sandboxed iframe without <code>allow-scripts</code>, and subsequently appended an element to the iframe’s document that e.g. had a JavaScript event handler – the event handler would have run despite the iframe’s sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.	2022-12-22	not yet calculated	CVE-2022-22759 MISC MISC MISC MISC
mozilla — multiple_products	When importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code> responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.	2022-12-22	not yet calculated	CVE-2022-22760 MISC MISC MISC MISC MISC
mozilla — multiple_products	Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension’s Content Security Policy. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.	2022-12-22	not yet calculated	CVE-2022-22761 MISC MISC MISC MISC
mozilla — firefox_for_android	Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another website was displayed underneath it. This could have been abused to trick the user. <br>This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 97.	2022-12-22	not yet calculated	CVE-2022-22762 MISC MISC
mozilla — multiple_products	When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox < 96, Thunderbird < 91.6, and Firefox ESR < 91.6.	2022-12-22	not yet calculated	CVE-2022-22763 MISC MISC MISC MISC
mozilla — multiple_products	Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.	2022-12-22	not yet calculated	CVE-2022-22764 MISC MISC MISC MISC
pi-hole — adminlte	Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on `queryads` endpoint. In the case of application, this vulnerability exists because of a lack of validation in code on a root server path: `/admin/scripts/pi-hole/phpqueryads.php.` Potential threat actor(s) are able to perform an unauthorized query search in blocked domain lists. This could lead to the disclosure for any victims’ personal blacklists.	2022-12-23	not yet calculated	CVE-2022-23513 MISC MISC
auth0 — jsonwebtoken	node-jsonwebtoken is a JsonWebToken implementation for node.js. For versions `<= 8.5.1` of `jsonwebtoken` library, if a malicious actor has the ability to modify the key retrieval parameter (referring to the `secretOrPublicKey` argument from the readme link of the `jwt.verify()` function, they can write arbitrary files on the host machine. Users are affected only if untrusted entities are allowed to modify the key retrieval parameter of the `jwt.verify()` on a host that you control. This issue has been fixed, please update to version 9.0.0.	2022-12-21	not yet calculated	CVE-2022-23529 MISC MISC
cortex_project — cortex	Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted to the Alertmanager Set Configuration API. Only users of the Alertmanager service where `-experimental.alertmanager.enable-api` or `enable_api: true` is configured are affected. Affected Cortex users are advised to upgrade to patched versions 1.13.2 or 1.14.1. However as a workaround, Cortex administrators may reject Alertmanager configurations containing the `api_key_file` setting in the `opsgenie_configs` section before sending to the Set Alertmanager Configuration API.	2022-12-19	not yet calculated	CVE-2022-23536 MISC MISC MISC MISC
pjsip — pjsip	PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1).	2022-12-20	not yet calculated	CVE-2022-23537 MISC MISC
auth0 — jsonwebtoken	Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions.	2022-12-23	not yet calculated	CVE-2022-23539 MISC MISC
auth0 — jsonwebtoken	In versions `<=8.5.1` of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the `jwt.verify()` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the `none` algorithm. If you need ‘none’ algorithm, you have to explicitly specify that in `jwt.verify()` options.	2022-12-22	not yet calculated	CVE-2022-23540 MISC MISC
auth0 — jsonwebtoken	jsonwebtoken is an implementation of JSON Web Tokens. Versions `<= 8.5.1` of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in jwt.verify() implementation with the same key retrieval function. This issue has been patched, please update to version 9.0.0.	2022-12-22	not yet calculated	CVE-2022-23541 MISC MISC MISC
openfga — openfga	OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. During an internal security assessment, it was discovered that OpenFGA version 0.3.0 is vulnerable to authorization bypass under certain conditions. This issue has been patched in version 0.3.1 and is backward compatible.	2022-12-20	not yet calculated	CVE-2022-23542 MISC MISC MISC
silverware_games — silverware_games	Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related `<iframe>` when the post will be published. The handler has some sort of protection so non-YouTube links can’t be posted, as well as HTML tags are being stripped. However, it was still possible to add custom HTML attributes (e.g. `onclick=alert(“xss”)`) to the `<iframe>’. This issue was fixed in the version `1.1.34` and does not require any extra actions from our members. There has been no evidence that this vulnerability was used by anyone at this time.	2022-12-19	not yet calculated	CVE-2022-23543 MISC
pjsip — pjsip	PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch.	2022-12-23	not yet calculated	CVE-2022-23547 MISC MISC MISC
azure — aad-pod-identity	aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request (example: `/metadata/identityoauth2token/`) would bypass the NMI validation and be sent to IMDS allowing a pod in the cluster to access identities that it shouldn’t have access to. This issue has been fixed and has been included in AAD Pod Identity release version 1.8.13. If using the AKS pod-managed identities add-on, no action is required. The clusters should now be running the version 1.8.13 release.	2022-12-21	not yet calculated	CVE-2022-23551 MISC MISC MISC
codeigniter4 — codeigniter4	CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `ConfigApp::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.	2022-12-22	not yet calculated	CVE-2022-23556 MISC MISC
aveva — intouch_access_anywhere	AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.	2022-12-23	not yet calculated	CVE-2022-23854 MISC
snyk — abacus-ext-cmdline	All versions of package abacus-ext-cmdline are vulnerable to Command Injection via the execute function due to improper user-input sanitization.	2022-12-21	not yet calculated	CVE-2022-24431 CONFIRM
mozilla — multiple_products	Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.	2022-12-22	not yet calculated	CVE-2022-2505 MISC MISC MISC MISC
snyk — p4	The package p4 before 0.0.7 are vulnerable to Command Injection via the run() function due to improper input sanitization	2022-12-20	not yet calculated	CVE-2022-25171 CONFIRM CONFIRM CONFIRM
vm2 — vm2	The package vm2 before 3.9.10 are vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the WeakMap.prototype.set method. Exploiting this vulnerability leads to access to a host object and a sandbox compromise.	2022-12-21	not yet calculated	CVE-2022-25893 CONFIRM CONFIRM CONFIRM CONFIRM
snyk — lite-dev-server	All versions of package lite-dev-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.	2022-12-21	not yet calculated	CVE-2022-25895 CONFIRM CONFIRM CONFIRM
snyk — safe-eval	All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype.	2022-12-20	not yet calculated	CVE-2022-25904 CONFIRM CONFIRM
snyk– smoothie	The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting (XSS) due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties.	2022-12-21	not yet calculated	CVE-2022-25929 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
snyk — easy-static-server	All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.	2022-12-20	not yet calculated	CVE-2022-25931 CONFIRM CONFIRM CONFIRM
snyk — package_lite_server	All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.	2022-12-20	not yet calculated	CVE-2022-25940 CONFIRM CONFIRM CONFIRM
liquidjs — liquidjs	The package liquidjs before 10.0.0 are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype. Workaround For versions 9.34.0 and higher, an option to disable this functionality is provided.	2022-12-22	not yet calculated	CVE-2022-25948 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
mozilla — multiple_products	An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.	2022-12-22	not yet calculated	CVE-2022-26381 MISC MISC MISC MISC
mozilla — firefox	While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98.	2022-12-22	not yet calculated	CVE-2022-26382 MISC MISC
mozilla — multiple_products	When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.	2022-12-22	not yet calculated	CVE-2022-26383 MISC MISC MISC MISC
mozilla — multiple_products	If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.	2022-12-22	not yet calculated	CVE-2022-26384 MISC MISC MISC MISC
mozilla — firefox	In unusual circumstances, an individual thread may outlive the thread’s manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 98.	2022-12-22	not yet calculated	CVE-2022-26385 MISC MISC
mozilla — multiple_products	Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7.	2022-12-22	not yet calculated	CVE-2022-26386 MISC MISC MISC
mozilla — multiple_products	When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.	2022-12-22	not yet calculated	CVE-2022-26387 MISC MISC MISC MISC
mozilla — multiple_products	Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.	2022-12-22	not yet calculated	CVE-2022-26485 MISC MISC
mozilla — multiple_products	An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.	2022-12-22	not yet calculated	CVE-2022-26486 MISC MISC
hikivision — multiple_products	The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.	2022-12-19	not yet calculated	CVE-2022-28173 MISC
ydb — server	Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash.	2022-12-23	not yet calculated	CVE-2022-28228 MISC
userver — userver	The hash functionality in userver before 42059b6319661583b3080cab9b595d4f8ac48128 allows attackers to cause a denial of service via crafted HTTP request, involving collisions.	2022-12-23	not yet calculated	CVE-2022-28229 MISC
mozilla — multiple_products	If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.	2022-12-22	not yet calculated	CVE-2022-28281 MISC MISC MISC MISC
mozilla — multiple_products	By using a link with <code>rel=”localization”</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.	2022-12-22	not yet calculated	CVE-2022-28282 MISC MISC MISC MISC
mozilla — firefox	The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox < 99.	2022-12-22	not yet calculated	CVE-2022-28283 MISC MISC
mozilla — firefox	SVG’s <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko’s implementation was aligned with theirs. This vulnerability affects Firefox < 99.	2022-12-22	not yet calculated	CVE-2022-28284 MISC MISC
mozilla — multiple_products	When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.	2022-12-22	not yet calculated	CVE-2022-28285 MISC MISC MISC MISC
mozilla — multiple_products	Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.	2022-12-22	not yet calculated	CVE-2022-28286 MISC MISC MISC MISC
mozilla — firefox	In unusual circumstances, selecting text could cause text selection caching to behave incorrectly, leading to a crash. This vulnerability affects Firefox < 99.	2022-12-22	not yet calculated	CVE-2022-28287 MISC MISC
mozilla — firefox	Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99.	2022-12-22	not yet calculated	CVE-2022-28288 MISC MISC
mozilla — multiple_products	Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.	2022-12-22	not yet calculated	CVE-2022-28289 MISC MISC MISC MISC
mozilla — multiple_products	Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29909 MISC MISC MISC MISC
mozilla — firefox	When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.<br>Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29910 MISC MISC
mozilla — multiple_products	An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script execution without <code>allow-scripts</code> being present. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29911 MISC MISC MISC MISC
mozilla — multiple_products	Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29912 MISC MISC MISC MISC
mozilla — thunderbird	The parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process. This vulnerability affects Thunderbird < 91.9.	2022-12-22	not yet calculated	CVE-2022-29913 MISC MISC
mozilla — multiple_products	When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29914 MISC MISC MISC MISC
mozilla — firefox	The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affects Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29915 MISC MISC
mozilla — multiple_products	Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29916 MISC MISC MISC MISC
mozilla — multiple_products	Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29917 MISC MISC MISC MISC
mozilla — firefox	Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 100.	2022-12-22	not yet calculated	CVE-2022-29918 MISC MISC
mozilla — thunderbird	When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.	2022-12-22	not yet calculated	CVE-2022-3032 MISC MISC MISC
mozilla — thunderbird	If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv=”refresh”</code> attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in the document. This bug doesn’t affect users who have changed the default Message Body display setting to ‘simple html’ or ‘plain text’. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.	2022-12-22	not yet calculated	CVE-2022-3033 MISC MISC MISC
mozilla — thunderbird	When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn’t display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.	2022-12-22	not yet calculated	CVE-2022-3034 MISC MISC MISC
mozilla — thunderbird	When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird < 102.3.	2022-12-22	not yet calculated	CVE-2022-3155 MISC MISC
concourse — concourse	Concourse (7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9) contains an authorization bypass issue. A Concourse user can send a request with body including :team_name=team2 to bypass team scope check to gain access to certain resources belong to any other team.	2022-12-19	not yet calculated	CVE-2022-31683 MISC
mozilla — multiple_products	A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.	2022-12-22	not yet calculated	CVE-2022-31736 MISC MISC MISC MISC
mozilla — multiple_products	A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.	2022-12-22	not yet calculated	CVE-2022-31737 MISC MISC MISC MISC
mozilla — multiple_products	When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.	2022-12-22	not yet calculated	CVE-2022-31738 MISC MISC MISC MISC
mozilla — multiple_products	When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.	2022-12-22	not yet calculated	CVE-2022-31739 MISC MISC MISC MISC
mozilla — multiple_products	On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.	2022-12-22	not yet calculated	CVE-2022-31740 MISC MISC MISC MISC
mozilla — multiple_products	A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.	2022-12-22	not yet calculated	CVE-2022-31741 MISC MISC MISC MISC
mozilla — multiple_products	An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.	2022-12-22	not yet calculated	CVE-2022-31742 MISC MISC MISC MISC
mozilla — firefox	Firefox’s HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.	2022-12-22	not yet calculated	CVE-2022-31743 MISC MISC
mozilla — multiple_products	An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page’s Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Firefox < 101.	2022-12-22	not yet calculated	CVE-2022-31744 MISC MISC MISC MISC
mozilla — firefox	If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101.	2022-12-22	not yet calculated	CVE-2022-31745 MISC MISC
mozilla — firefox_for_ios	Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS < 102.	2022-12-22	not yet calculated	CVE-2022-31746 MISC MISC
mozilla — multiple_products	Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.	2022-12-22	not yet calculated	CVE-2022-31747 MISC MISC MISC MISC
mozilla — firefox	Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 101.	2022-12-22	not yet calculated	CVE-2022-31748 MISC MISC
dataprobe — iboot-pdu_fw	Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability.	2022-12-21	not yet calculated	CVE-2022-3183 MISC
dataprobe — iboot-pdu_fw	Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory.	2022-12-21	not yet calculated	CVE-2022-3184 MISC
dataprobe — iboot-pdu_fw	Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device.	2022-12-21	not yet calculated	CVE-2022-3185 MISC
dataprobe — iboot-pdu_fw	Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to access other device’s information.	2022-12-21	not yet calculated	CVE-2022-3186 MISC
dataprobe — iboot-pdu_fw	Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read the state of outlets.	2022-12-21	not yet calculated	CVE-2022-3187 MISC
dataprobe — iboot-pdu_fw	Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where unauthenticated users could open PHP index pages without authentication and download the history file from the device; the history file includes the latest actions completed by specific users.	2022-12-21	not yet calculated	CVE-2022-3188 MISC
dataprobe — iboot-pdu_fw	Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially crafted PHP script could use parameters from a HTTP request to create a URL capable of changing the host parameter. The changed host parameter in the HTTP could point to another host that will send a request to the host or IP specified in the changed host parameter.	2022-12-21	not yet calculated	CVE-2022-3189 MISC
mozilla — multiple_products	An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.	2022-12-22	not yet calculated	CVE-2022-3266 MISC MISC MISC MISC
mitsubishi_electric — multiple_products	Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions “32” and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions “65” and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V all versions, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.	2022-12-23	not yet calculated	CVE-2022-33324 MISC MISC MISC
mozilla — multiple_products	An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-34468 MISC MISC MISC MISC
mozilla — firefox_for_android	When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. <br>This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34469 MISC MISC
mozilla — multiple_products	Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-34470 MISC MISC MISC MISC
mozilla — firefox	When downloading an update for an addon, the downloaded addon update’s version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34471 MISC MISC
mozilla — multiple_products	If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-34472 MISC MISC MISC MISC
mozilla — firefox	The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code><use></code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34473 MISC MISC
mozilla — firefox	Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34474 MISC MISC
mozilla — firefox	SVG <code><use></code> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34475 MISC MISC
mozilla — firefox	ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34476 MISC MISC
mozilla — firefox	The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34477 MISC MISC
mozilla — multiple_products	The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>This bug only affects Thunderbird on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-34478 MISC MISC MISC MISC
mozilla — multiple_products	A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-34479 MISC MISC MISC MISC
mozilla — firefox	Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34480 MISC MISC
mozilla — multiple_products	In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-34481 MISC MISC MISC MISC
mozilla — firefox	An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34482 MISC MISC
mozilla — firefox	An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34483 MISC MISC
mozilla — multiple_products	The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.	2022-12-22	not yet calculated	CVE-2022-34484 MISC MISC MISC MISC
mozilla — firefox	Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102.	2022-12-22	not yet calculated	CVE-2022-34485 MISC MISC
ibm — security_verify_governance_identity_manager	IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user’s access request using man-in-the-middle techniques. IBM X-Force ID: 231096.	2022-12-22	not yet calculated	CVE-2022-35646 MISC MISC
nokia — fastmile	Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to read any named pipe file on the system.	2022-12-21	not yet calculated	CVE-2022-36221 MISC
nokia — fastmile	Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface.	2022-12-21	not yet calculated	CVE-2022-36222 MISC
mozilla — multiple_products	When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.	2022-12-22	not yet calculated	CVE-2022-36314 MISC MISC MISC MISC
mozilla — firefox	When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox < 103.	2022-12-22	not yet calculated	CVE-2022-36315 MISC MISC
mozilla — firefox	When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox < 103.	2022-12-22	not yet calculated	CVE-2022-36316 MISC MISC
mozilla — firefox	When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 103.	2022-12-22	not yet calculated	CVE-2022-36317 MISC MISC
mozilla — multiple_products	When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12.	2022-12-22	not yet calculated	CVE-2022-36318 MISC MISC MISC MISC MISC MISC
mozilla — multiple_products	When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12.	2022-12-22	not yet calculated	CVE-2022-36319 MISC MISC MISC MISC MISC MISC
mozilla — firefox	Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 103.	2022-12-22	not yet calculated	CVE-2022-36320 MISC MISC
talos — openimageio_master-branch	A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensitive information leak. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-36354 MISC
rockwell_automation — logix_controllers	An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.	2022-12-19	not yet calculated	CVE-2022-3752 MISC
grub2 — grub2	When rendering certain unicode sequences, grub2’s font code doesn’t proper validate if the informed glyph’s width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2’s heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.	2022-12-19	not yet calculated	CVE-2022-3775 MISC
wordpress — wordpress	The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX actions in versions up to, and including, 2.5.6. Authenticated users can use an easily available nonce value to create header templates and make additional changes to the site, as the plugin does not use capability checks for this purpose.	2022-12-22	not yet calculated	CVE-2022-3794 MISC MISC MISC
wordpress — wordpress	The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to update the MailChimp API key, global styles, 404 page settings, and enabled elements.	2022-12-22	not yet calculated	CVE-2022-3805 MISC MISC MISC
talos — openstack_kolla_git_master	A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.	2022-12-21	not yet calculated	CVE-2022-38060 MISC
talos — openstack_kolla_git_master	A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead increased privileges.	2022-12-21	not yet calculated	CVE-2022-38065 MISC
talos — openimageio	A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-38143 MISC
mozilla — multiple_products	An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.	2022-12-22	not yet calculated	CVE-2022-38472 MISC MISC MISC MISC MISC MISC
mozilla — multiple_products	A cross-origin iframe referencing an XSLT document would inherit the parent domain’s permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.	2022-12-22	not yet calculated	CVE-2022-38473 MISC MISC MISC MISC MISC MISC
mozilla — firefox_for_android	A website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt – it only affects the notification shown once permission has been granted.<br />This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 104.	2022-12-22	not yet calculated	CVE-2022-38474 MISC MISC
mozilla — firefox	An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox < 104.	2022-12-22	not yet calculated	CVE-2022-38475 MISC MISC
mozilla — multiple_products	A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2.	2022-12-22	not yet calculated	CVE-2022-38476 MISC MISC MISC
mozilla — multiple_products	Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104.	2022-12-22	not yet calculated	CVE-2022-38477 MISC MISC MISC MISC
mozilla — multiple_products	Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.	2022-12-22	not yet calculated	CVE-2022-38478 MISC MISC MISC MISC MISC MISC
zyxel — zyxel_nbg7510	A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode.	2022-12-21	not yet calculated	CVE-2022-38546 CONFIRM
hcl_technologies — bigfix_webui	BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site.	2022-12-21	not yet calculated	CVE-2022-38655 MISC
hcl_technologies — bigfix_webui	BigFix deployments that have installed the Notification Service on Windows are susceptible to disclosing SMTP BigFix operator’s sensitive data in clear text. Operators who use Notification Service related content from BES Support are at risk of leaving their SMTP sensitive data exposed.	2022-12-24	not yet calculated	CVE-2022-38658 MISC
netapp — oncommand_insight	OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component.	2022-12-20	not yet calculated	CVE-2022-38733 MISC
modzero — click_studios	A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This vulnerability affects unknown code of the component API. The manipulation leads to authentication bypass by assumed-immutable data. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216244.	2022-12-19	not yet calculated	CVE-2022-3875 MISC MISC MISC
micro_focus — zenworks_2020	A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions (e.g., install a bundle) on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone but which are outside the scope of the administrator. This vulnerability does not result in the administrators gaining additional rights on the managed devices, either in the scope or outside the scope of the administrator.	2022-12-23	not yet calculated	CVE-2022-38757 MISC MISC MISC
modzero — click_studios	A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This issue affects some unknown processing of the file /api/browserextension/UpdatePassword/ of the component API. The manipulation of the argument PasswordID leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216245 was assigned to this vulnerability.	2022-12-19	not yet calculated	CVE-2022-3876 MISC MISC MISC
modzero — click_studios	A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected is an unknown function of the component URL Field Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-216246 is the identifier assigned to this vulnerability.	2022-12-19	not yet calculated	CVE-2022-3877 MISC MISC MISC
d-link — dap	D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header.	2022-12-20	not yet calculated	CVE-2022-38873 MISC MISC
ibm — aix_vios	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 235181.	2022-12-23	not yet calculated	CVE-2022-39164 MISC MISC
ibm — aix_vios	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service. IBM X-Force ID: 235183.	2022-12-23	not yet calculated	CVE-2022-39165 MISC MISC
ghinstallation — ghinstallation	ghinstallation provides transport, which implements http.RoundTripper to provide authentication as an installation for GitHub Apps. In ghinstallation version 1, when the request to refresh an installation token failed, the HTTP request and response would be returned for debugging. The request contained the bearer JWT for the App, and was returned back to clients. This token is short lived (10 minute maximum). This issue has been patched and is available in version 2.0.0.	2022-12-20	not yet calculated	CVE-2022-39304 MISC MISC MISC MISC
typora — typora	Cross Site Scripting (XSS) vulnerability in typora through 1.38 allows remote attackers to run arbitrary code via export from editor.	2022-12-23	not yet calculated	CVE-2022-40011 MISC MISC MISC
apache — karaf	This vulnerable is about a potential code injection when an attacker has control of the target LDAP server using in the JDBC JNDI URL. The function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils#doCreateDatasource use InitialContext.lookup(jndiName) without filtering. An user can modify `options.put(JDBCUtils.DATASOURCE, “osgi:” + DataSource.class.getName());` to `options.put(JDBCUtils.DATASOURCE,”jndi:rmi://x.x.x.x:xxxx/Command”);` in JdbcLoginModuleTest#setup. This is vulnerable to a remote code execution (RCE) attack when a configuration uses a JNDI LDAP data source URI when an attacker has control of the target LDAP server.This issue affects all versions of Apache Karaf up to 4.4.1 and 4.3.7. We encourage the users to upgrade to Apache Karaf at least 4.4.2 or 4.3.8	2022-12-21	not yet calculated	CVE-2022-40145 MISC
ibm — aix_vios	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 235599.	2022-12-23	not yet calculated	CVE-2022-40233 MISC MISC
softr — softr	Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page.	2022-12-19	not yet calculated	CVE-2022-40434 MISC MISC MISC
sourcecodester — employee_performance_evaluation_system	Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module.	2022-12-19	not yet calculated	CVE-2022-40435 MISC MISC MISC
pfSense — pfBlockerNG	pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814.	2022-12-20	not yet calculated	CVE-2022-40624 MISC MISC MISC
ndk_design — ndkadvancedcustomizationfields	A cross-site scripting (XSS) vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the “htmlNodes” parameter.	2022-12-21	not yet calculated	CVE-2022-40841 MISC MISC
pypa — setuptools	Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.	2022-12-23	not yet calculated	CVE-2022-40897 MISC MISC CONFIRM MISC MISC
pypa — wheel	An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.	2022-12-23	not yet calculated	CVE-2022-40898 MISC MISC MISC
pythoncharmers — python_future	An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server.	2022-12-23	not yet calculated	CVE-2022-40899 MISC MISC MISC MISC
mozilla — firefox_esr_thunderbird	When injecting an HTML base element, some requests would ignore the CSP’s base-uri settings and accept the injected element’s base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.	2022-12-22	not yet calculated	CVE-2022-40956 MISC MISC MISC MISC
mozilla — firefox_esr_thunderbird	Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>This bug only affects Firefox on ARM64 platforms.. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.	2022-12-22	not yet calculated	CVE-2022-40957 MISC MISC MISC MISC
mozilla — firefox_esr_thunderbird	By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.	2022-12-22	not yet calculated	CVE-2022-40958 MISC MISC MISC MISC
mozilla — firefox_esr_thunderbird	During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.	2022-12-22	not yet calculated	CVE-2022-40959 MISC MISC MISC MISC
mozilla — firefox_esr_thunderbird	Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.	2022-12-22	not yet calculated	CVE-2022-40960 MISC MISC MISC MISC
mozilla — firefox_for_android	During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.<br>This issue only affects Firefox for Android. Other operating systems are not affected.. This vulnerability affects Firefox < 105.	2022-12-22	not yet calculated	CVE-2022-40961 MISC MISC
mozilla — multiple_products	Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.	2022-12-22	not yet calculated	CVE-2022-40962 MISC MISC MISC MISC
ibm — aix_and_vios	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690.	2022-12-23	not yet calculated	CVE-2022-41290 MISC MISC
blogengine — blogengine.net	An issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs of BlogEngine.NET v3.3.8.0 allows attackers to execute arbitrary code via uploading a crafted PNG file.	2022-12-19	not yet calculated	CVE-2022-41418 MISC MISC MISC
harmonyos — harmonyos	Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.	2022-12-20	not yet calculated	CVE-2022-41590 MISC
harmonyos — harmonyos	The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.	2022-12-20	not yet calculated	CVE-2022-41591 MISC MISC
openimageio — openimageio	A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41639 MISC
openimageio — openimageio	A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41649 MISC
ghost — ghost_foundation_ghost	An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41654 MISC CONFIRM
openimageio — openimageio	A heap out of bounds read vulnerability exists in the OpenImageIO master-branch-9aeece7a when parsing the image file directory part of a PSD image file. A specially-crafted .psd file can cause a read of arbitrary memory address which can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41684 MISC
ghost — ghost_foundation_ghost	A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41697 MISC
openimageio — openimageio	A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41794 MISC
openimageio — openimageio_project_openimageio	An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted exif metadata can lead to stack-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41837 MISC
openimageio — openimageio_project_openimageio	A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41838 MISC
openimageio — openimageio	An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41977 MISC
openimageio — openimageio	A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41981 MISC
openimageio — openimageio_project_openimageio	An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41988 MISC
openimageio — openimageio_project_openimageio	A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A specially-crafted .dds can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-41999 MISC
wfs_inc — heavenburnsred	WFS, Inc HeavenBurnsRed 2020.3.15.7141260 is vulnerable to Local Privilege Escalation.	2022-12-20	not yet calculated	CVE-2022-42046 MISC
hcl_technology — big_fix	There are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script.	2022-12-19	not yet calculated	CVE-2022-42453 MISC
hcl_technology — big_fix	Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure. This requires privileged network access.	2022-12-21	not yet calculated	CVE-2022-42454 MISC
devolutions — remote_desktop_manager	Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application.	2022-12-21	not yet calculated	CVE-2022-4287 MISC
mozilla — multiple_products	A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via <code>performance.getEntries()</code>. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.	2022-12-22	not yet calculated	CVE-2022-42927 MISC MISC MISC MISC
mozilla — multiple_products	Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.	2022-12-22	not yet calculated	CVE-2022-42928 MISC MISC MISC MISC
mozilla — multiple_products	If a website called <code>window.print()</code> in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user’s session restore settings. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.	2022-12-22	not yet calculated	CVE-2022-42929 MISC MISC MISC MISC
mozilla — firefox_for_android	If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the <code>ThirdPartyUtil</code> component. This vulnerability affects Firefox < 106.	2022-12-22	not yet calculated	CVE-2022-42930 MISC MISC
mozilla — firefox_for_android	Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.	2022-12-22	not yet calculated	CVE-2022-42931 MISC MISC
mozilla — multiple_products	Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.	2022-12-22	not yet calculated	CVE-2022-42932 MISC MISC MISC MISC
autodesk — dwg_trueviewtm_2023	DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system.	2022-12-19	not yet calculated	CVE-2022-42945 MISC
autodesk — multiple_products	Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 to read beyond allocated buffer. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	2022-12-19	not yet calculated	CVE-2022-42946 MISC
autodesk — multiple_products	A maliciously crafted X_B file when parsed through Autodesk Maya 2023 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.	2022-12-19	not yet calculated	CVE-2022-42947 MISC
silverstripe — subsites	Silverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions.	2022-12-21	not yet calculated	CVE-2022-42949 MISC MISC
inhabit — pty_ltd_move_crm	Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting (XSS) vulnerability via the User profile component.	2022-12-22	not yet calculated	CVE-2022-43271 CONFIRM MISC
ibm — multiple_products	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX NFS kernel extension to cause a denial of service. IBM X-Force ID: 238640.	2022-12-23	not yet calculated	CVE-2022-43380 MISC MISC
ibm — multiple_products	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639.	2022-12-23	not yet calculated	CVE-2022-43381 MISC MISC
plusmessage_app — multiple_products	KDDI +Message App, NTT DOCOMO +Message App, and SoftBank +Message App contain a vulnerability caused by improper handling of Unicode control characters. +Message App displays text unprocessed, even when control characters are contained, and the text is shown based on Unicode control character’s specifications. Therefore, a crafted text may display misleading web links. As a result, a spoofed URL may be displayed and phishing attacks may be conducted. Affected products and versions are as follows: KDDI +Message App for Android prior to version 3.9.2 and +Message App for iOS prior to version 3.9.4, NTT DOCOMO +Message App for Android prior to version 54.49.0500 and +Message App for iOS prior to version 3.9.4, and SoftBank +Message App for Android prior to version 12.9.5 and +Message App for iOS prior to version 3.9.4	2022-12-21	not yet calculated	CVE-2022-43543 MISC MISC MISC MISC
fedora_36 — curl	A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.	2022-12-23	not yet calculated	CVE-2022-43551 MISC MISC
openimageio — openimageio	An information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-43592 MISC
openimageio — openimageio	A denial of service vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to null pointer dereference. An attacker can provide malicious input to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-43593 MISC
openimageio — openimageio	Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files.	2022-12-22	not yet calculated	CVE-2022-43594 MISC
openimageio — openimageio	Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .fits files.	2022-12-22	not yet calculated	CVE-2022-43595 MISC
openimageio — openimageio	An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-43596 MISC
openimageio — openimageio	Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`.	2022-12-22	not yet calculated	CVE-2022-43597 MISC
openimageio — openimageio	Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`.	2022-12-22	not yet calculated	CVE-2022-43598 MISC
openimageio — openimageio	Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`	2022-12-22	not yet calculated	CVE-2022-43599 MISC
openimageio — openimageio	Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16`	2022-12-22	not yet calculated	CVE-2022-43600 MISC
openimageio — openimageio	Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16`	2022-12-22	not yet calculated	CVE-2022-43601 MISC
openimageio — openimageio	Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`	2022-12-22	not yet calculated	CVE-2022-43602 MISC
openimageio — openimageio	A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.	2022-12-22	not yet calculated	CVE-2022-43603 MISC
ibm — multiple_products	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169.	2022-12-23	not yet calculated	CVE-2022-43848 MISC MISC
ibm — multiple_products	IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX pfcdd kernel extension to cause a denial of service. IBM X-Force ID: 239170.	2022-12-23	not yet calculated	CVE-2022-43849 MISC MISC
ibm — navigator_for_i	IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks and download log files by modifying servlet filter. IBM X-Force ID: 239301.	2022-12-22	not yet calculated	CVE-2022-43857 MISC MISC
ibm — navigator_for_i	IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to access the file system and download files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks by modifying a parameter thereby gaining access to their files through this interface. IBM X-Force ID: 239303.	2022-12-22	not yet calculated	CVE-2022-43858 MISC MISC
ibm — navigator_for_i	IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION based SQL injection an attacker could see file permissions through this interface. IBM X-Force ID: 239304.	2022-12-22	not yet calculated	CVE-2022-43859 MISC MISC
ibm — navigator_for_i	IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information they are authorized to but not while using this interface. By performing an SQL injection an attacker could see user profile attributes through this interface. IBM X-Force ID: 239305.	2022-12-24	not yet calculated	CVE-2022-43860 MISC MISC
ibm — financial_transaction-manager	IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708.	2022-12-20	not yet calculated	CVE-2022-43872 MISC MISC
ibm — financial_transaction-manager	IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034.	2022-12-20	not yet calculated	CVE-2022-43875 MISC MISC
pdftojson commit 94204bb — pdftojson commit 94204bb	pdftojson commit 94204bb was discovered to contain a stack overflow via the component Object::copy(Object*):Object.cc.	2022-12-19	not yet calculated	CVE-2022-44108 MISC MISC
pdftojson commit 94204bb — pdftojson commit 94204bb	pdftojson commit 94204bb was discovered to contain a stack overflow via the component Stream::makeFilter(char, Stream, Object*, int).	2022-12-19	not yet calculated	CVE-2022-44109 MISC MISC
otrs — otrs	Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.	2022-12-19	not yet calculated	CVE-2022-4427 MISC
zenphoto — zenphoto	Stored cross-site scripting vulnerability in Zenphoto versions prior to 1.6 allows remote a remote authenticated attacker with an administrative privilege to inject an arbitrary script.	2022-12-21	not yet calculated	CVE-2022-44449 MISC MISC MISC
uisp_wireless– multiple_products	An improper access validation vulnerability exists in airMAX AC <8.7.11, airFiber 60/LR <2.6.2, airFiber 60 XG/HD <v1.0.0 and airFiber GBE <1.4.1 that allows a malicious actor to retrieve status and usage data from the UISP device.	2022-12-23	not yet calculated	CVE-2022-44565 MISC
rocket.chat-desktop — rocket.chat-desktop	A command injection vulnerability exists in Rocket.Chat-Desktop <3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the Rocket.Chat-Desktop-API.	2022-12-23	not yet calculated	CVE-2022-44567 MISC
grafana_labs — enterprise_metrics	A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not be applied when using this policy with the affected versions of the software. This issue affects: Grafana Labs Grafana Enterprise Metrics GEM 1.X versions prior to 1.7.1 on AMD64; GEM 2.X versions prior to 2.3.1 on AMD64.	2022-12-20	not yet calculated	CVE-2022-44643 MISC MISC
hcl_software– bigfix_insights_for_vulnerability_remediation	Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. This may lead to information disclosure. This requires privileged access.	2022-12-21	not yet calculated	CVE-2022-44756 MISC
patchelf — patchelf	Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.	2022-12-19	not yet calculated	CVE-2022-44940 MISC
exuberant_ctags — exuberant_ctags	A flaw was found in Exuberant Ctags in the way it handles the “-o” option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.	2022-12-20	not yet calculated	CVE-2022-4515 MISC
apache — shardingsphere-proxy	Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn’t cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apache ShardingSphere 5.3.0.	2022-12-22	not yet calculated	CVE-2022-45347 MISC
mozilla — multiple_products	Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45403 MISC MISC MISC MISC
mozilla — multiple_products	Through a series of popup and <code>window.print()</code> calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45404 MISC MISC MISC MISC
mozilla — multiple_products	Freeing arbitrary <code>nsIInputStream</code>’s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45405 MISC MISC MISC MISC
mozilla — multiple_products	If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45406 MISC MISC MISC MISC
mozilla — firefox	If an attacker loaded a font using <code>FontFace()</code> on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45407 MISC MISC
mozilla — multiple_products	Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45408 MISC MISC MISC MISC
mozilla — multiple_products	The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45409 MISC MISC MISC MISC
mozilla — multiple_products	When a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45410 MISC MISC MISC MISC
mozilla — multiple_products	Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <code>fetch()</code> and XMLHttpRequest; however some webservers have implemented non-standard headers such as <code>X-Http-Method-Override</code> that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45411 MISC MISC MISC MISC
mozilla — multiple_products	When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45412 MISC MISC MISC MISC
mozilla — firefox	Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>This issue only affects Firefox for Android. Other operating systems are not affected.. This vulnerability affects Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45413 MISC MISC
mozilla — thunderbird	If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1.	2022-12-22	not yet calculated	CVE-2022-45414 MISC MISC
mozilla — firefox	When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45415 MISC MISC
mozilla — multiple_products	Keyboard events reference strings like “KeyA” that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45416 MISC MISC MISC MISC
mozilla — firefox	Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45417 MISC MISC
mozilla — multiple_products	If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45418 MISC MISC MISC MISC
mozilla — firefox	If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45419 MISC MISC
mozilla — multiple_products	Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45420 MISC MISC MISC MISC
mozilla — multiple_products	Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-45421 MISC MISC MISC MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function.	2022-12-23	not yet calculated	CVE-2022-45706 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function.	2022-12-23	not yet calculated	CVE-2022-45707 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function.	2022-12-23	not yet calculated	CVE-2022-45708 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.	2022-12-23	not yet calculated	CVE-2022-45709 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.	2022-12-23	not yet calculated	CVE-2022-45710 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the hostname parameter in the formSetNetCheckTools function.	2022-12-23	not yet calculated	CVE-2022-45711 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function.	2022-12-23	not yet calculated	CVE-2022-45712 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.	2022-12-23	not yet calculated	CVE-2022-45714 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.	2022-12-23	not yet calculated	CVE-2022-45715 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.	2022-12-23	not yet calculated	CVE-2022-45716 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request.	2022-12-23	not yet calculated	CVE-2022-45717 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.	2022-12-23	not yet calculated	CVE-2022-45718 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.	2022-12-23	not yet calculated	CVE-2022-45719 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.	2022-12-23	not yet calculated	CVE-2022-45720 MISC
ip-com_m50– ip-com_m50	IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.	2022-12-23	not yet calculated	CVE-2022-45721 MISC
trend_micro — apex_one	A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	2022-12-24	not yet calculated	CVE-2022-45798 MISC MISC
baijiacms — baijiacms	A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.	2022-12-20	not yet calculated	CVE-2022-45942 MISC MISC
classcms — classcms	here is an arbitrary file upload vulnerability in the file management function module of Classcms3.5.	2022-12-22	not yet calculated	CVE-2022-45966 MISC
wbce_cms — wbce_cms	WBCE CMS v1.5.4 can implement getshell by modifying the upload file type.	2022-12-20	not yet calculated	CVE-2022-46020 MISC
d-link — dir-869_dir869ax_fw102b15	D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.	2022-12-20	not yet calculated	CVE-2022-46076 MISC MISC
sourcecodester — covid-19_directory_on_vaccination_system	Sourcecodester Covid-19 Directory on Vaccination System 1.0 was discovered to contain a Cross-Site Scripting (XSS) vulnerability via verification.php because the program does not verify the txtvaccinationID parameter.	2022-12-21	not yet calculated	CVE-2022-46095 MISC MISC
sourcecodester — covid-19_directory_on_vaccination_system	A Cross site scripting (XSS) vulnerability in Sourcecodester Online Covid-19 Directory on Vaccination System v1.0 allows attackers to execute arbitrary code via the txtfullname parameter or txtphone parameter to register.php without logging in.	2022-12-21	not yet calculated	CVE-2022-46096 MISC
ayacms — ayacms	AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code.	2022-12-22	not yet calculated	CVE-2022-46101 MISC
ayacms — ayacms	AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php	2022-12-22	not yet calculated	CVE-2022-46102 MISC
tp-link — tl-wr940n	TP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.	2022-12-20	not yet calculated	CVE-2022-46139 MISC
codeigniter– codeigniter	CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.	2022-12-22	not yet calculated	CVE-2022-46170 MISC MISC
tauri-apps– tauri	Tauri is a framework for building binaries for all major desktop platforms. The filesystem glob pattern wildcards ``, `?`, and `[…]` match file path literals and leading dots by default, which unintentionally exposes sub folder content of allowed paths. Scopes without the wildcards are not affected. As `*` allows for sub directories the behavior there is also as expected. The issue has been patched in the latest release and was backported into the currently supported 1.x branches. There are no known workarounds at the time of publication.	2022-12-23	not yet calculated	CVE-2022-46171 MISC MISC MISC
json — json	JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including version `2.2.1` does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 version 2.2.2 and later.	2022-12-24	not yet calculated	CVE-2022-46175 MISC MISC MISC
wordpress — wordpress	The Sidebar Widgets by CodeLights plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Extra CSS class’ parameter in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.	2022-12-20	not yet calculated	CVE-2022-4619 MISC MISC
omron corporation — cx-drive	Use after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitrary code by having a user to open a specially crafted file,	2022-12-21	not yet calculated	CVE-2022-46282 MISC
lirantal– daloradius	Sensitive Cookie Without ‘HttpOnly’ Flag in GitHub repository lirantal/daloradius prior to master.	2022-12-21	not yet calculated	CVE-2022-4630 CONFIRM MISC
wp-ban — wp-ban	A vulnerability, which was classified as problematic, was found in WP-Ban. Affected is an unknown function of the file ban-options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 22b925449c84faa9b7496abe4f8f5661cb5eb3bf. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216480.	2022-12-21	not yet calculated	CVE-2022-4631 N/A N/A
auto_upload_images — auto_upload_images	A vulnerability has been found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.3.1 is able to address this issue. The name of the patch is 895770ee93887ec78429c78ffdfb865bee6f9436. It is recommended to upgrade the affected component. The identifier VDB-216481 was assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2022-4632 N/A N/A MISC
auto_upload_images — auto_upload_images	A vulnerability was found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file src/setting-page.php of the component Settings Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 3.3.1 is able to address this issue. The name of the patch is 895770ee93887ec78429c78ffdfb865bee6f9436. It is recommended to upgrade the affected component. VDB-216482 is the identifier assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2022-4633 N/A N/A MISC
squirrel — squirrel.windows	Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.	2022-12-21	not yet calculated	CVE-2022-46330 MISC MISC MISC
proofpoint — enterprise_protection	Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.	2022-12-21	not yet calculated	CVE-2022-46334 MISC
ep3-bs — ep3-bs	A vulnerability classified as problematic has been found in ep3-bs up to 1.7.x. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.8.0 is able to address this issue. The name of the patch is ef49e709c8adecc3a83cdc6164a67162991d2213. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216495.	2022-12-21	not yet calculated	CVE-2022-4637 N/A N/A N/A MISC
collective.contact.widget — collective.contact.widget	A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 5da36305ca7ed433782be8901c47387406fcda12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216496.	2022-12-21	not yet calculated	CVE-2022-4638 N/A N/A
sslh — sslh	A vulnerability, which was classified as critical, has been found in sslh. This issue affects the function hexdump of the file probe.c of the component Packet Dumping Handler. The manipulation of the argument msg_info leads to format string. The attack may be initiated remotely. The name of the patch is b19f8a6046b080e4c2e28354a58556bb26040c6f. It is recommended to apply a patch to fix this issue. The identifier VDB-216497 was assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2022-4639 N/A N/A N/A
microchip — multiple_products	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero.	2022-12-19	not yet calculated	CVE-2022-46399 CONFIRM MISC MISC MISC
mingsoft — mcms	A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499.	2022-12-21	not yet calculated	CVE-2022-4640 N/A N/A
microchip — multiple_products	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing.	2022-12-19	not yet calculated	CVE-2022-46400 CONFIRM MISC MISC MISC
microchip — multiple_products	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete.	2022-12-19	not yet calculated	CVE-2022-46401 CONFIRM MISC MISC MISC
microchip — multiple_products	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values.	2022-12-19	not yet calculated	CVE-2022-46402 CONFIRM MISC MISC MISC
microchip — multiple_products	The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages.	2022-12-19	not yet calculated	CVE-2022-46403 CONFIRM MISC MISC MISC
pig-vector– pig-vector	A vulnerability was found in pig-vector and classified as problematic. Affected by this issue is the function LogisticRegression of the file src/main/java/org/apache/mahout/pig/LogisticRegression.java. The manipulation leads to insecure temporary file. The attack needs to be approached locally. The name of the patch is 1e7bd9fab5401a2df18d2eabd802adcf0dcf1f15. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216500.	2022-12-21	not yet calculated	CVE-2022-4641 N/A N/A N/A
tatoeba2 — tatoeba2	A vulnerability was found in tatoeba2. It has been classified as problematic. This affects an unknown part of the component Profile Name Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version prod_2022-10-30 is able to address this issue. The name of the patch is 91110777fc8ddf1b4a2cf4e66e67db69b9700361. It is recommended to upgrade the affected component. The identifier VDB-216501 was assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2022-4642 N/A N/A N/A N/A
apache — airflow_hive_provider	Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0.	2022-12-20	not yet calculated	CVE-2022-46421 MISC MISC
netgear — wnr2000	An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.	2022-12-20	not yet calculated	CVE-2022-46422 MISC MISC
netgear — wnr2000	An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v1.2.3.7 and earlier.	2022-12-20	not yet calculated	CVE-2022-46423 MISC MISC
netgear — xwn5001_powerline_500_wifi_access_point	An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v0.4.1.1 and earlier.	2022-12-20	not yet calculated	CVE-2022-46424 MISC MISC
tp-link — wr1043nd	TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.	2022-12-20	not yet calculated	CVE-2022-46428 MISC MISC
docconv — docconv	A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdf_ocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1 is able to address this issue. The name of the patch is b19021ade3d0b71c89d35cb00eb9e589a121faa5. It is recommended to upgrade the affected component. VDB-216502 is the identifier assigned to this vulnerability.	2022-12-21	not yet calculated	CVE-2022-4643 N/A N/A N/A MISC
tp-link — tl-wr740n	TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.	2022-12-20	not yet calculated	CVE-2022-46430 MISC MISC
tp-link — tl-wr743nd	An exploitable firmware modification vulnerability was discovered on TP-Link TL-WR743ND V1. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v3.12.20 and earlier.	2022-12-20	not yet calculated	CVE-2022-46432 MISC MISC
tp-link — tl-wa7510n	An issue in the firmware update process of TP-Link TL-WA7510N v1 v3.12.6 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.	2022-12-20	not yet calculated	CVE-2022-46434 MISC MISC
tp-link — multiple_products	An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.	2022-12-20	not yet calculated	CVE-2022-46435 MISC MISC
ikus060 — rdiffweb	Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4.	2022-12-22	not yet calculated	CVE-2022-4644 MISC CONFIRM
ikus060 — rdiffweb	Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4.	2022-12-22	not yet calculated	CVE-2022-4646 CONFIRM MISC
nbnbk — nbnbk	A Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts.	2022-12-22	not yet calculated	CVE-2022-46491 MISC
nbnbk — nbnbk	nbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary.	2022-12-23	not yet calculated	CVE-2022-46492 MISC
nbnbk — nbnbk	Default version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/download_img.	2022-12-22	not yet calculated	CVE-2022-46493 MISC
d-link — dir-882_dir882a1_fw130b06	D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module.	2022-12-23	not yet calculated	CVE-2022-46560 MISC MISC
d-link — dir-882_dir882a1_fw130b06	D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module.	2022-12-23	not yet calculated	CVE-2022-46561 MISC MISC
d-link — dir-882_dir882a1_fw130b06	D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module.	2022-12-23	not yet calculated	CVE-2022-46562 MISC MISC
d-link — dir-882_dir882a1_fw130b06	D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module.	2022-12-23	not yet calculated	CVE-2022-46563 MISC MISC
d-link — dir-882_dir882a1_fw130b06	D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module.	2022-12-23	not yet calculated	CVE-2022-46566 MISC MISC
d-link — dir-882_dir882a1_fw130b06	D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module.	2022-12-23	not yet calculated	CVE-2022-46568 MISC MISC
d-link — dir-882_dir882a1_fw130b06	D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module.	2022-12-23	not yet calculated	CVE-2022-46569 MISC MISC
d-link — dir-882_dir882a1_fw130b06	D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module.	2022-12-23	not yet calculated	CVE-2022-46570 MISC MISC
linux — linux_kernel	A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.	2022-12-22	not yet calculated	CVE-2022-4662 MISC MISC
d-link — dir-846 a1_fw100a43	D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function.	2022-12-23	not yet calculated	CVE-2022-46641 MISC MISC
d-link — dir-846 a1_fw100a43	D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function.	2022-12-23	not yet calculated	CVE-2022-46642 MISC MISC
ampache — ampache	Unrestricted Upload of File with Dangerous Type in GitHub repository ampache/ampache prior to 5.5.6.	2022-12-23	not yet calculated	CVE-2022-4665 CONFIRM MISC
roxio — creator ljb	Roxio Creator LJB starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service. The affected product and versions are as follows: Roxio Creator LJB version number 12.2 build number 106B62B, version number 12.2 build number 106B63A, version number 12.2 build number 106B69A, version number 12.2 build number 106B71A, and version number 12.2 build number 106B74A)	2022-12-21	not yet calculated	CVE-2022-46662 MISC MISC
ibm — urbancode_deploy	IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.18, 7.0.5.0 through 7.0.5.13, 7.1.0.0 through 7.1.2.9, 7.2.0.0 through 7.2.3.2 and 7.3.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 242273.	2022-12-20	not yet calculated	CVE-2022-46771 MISC MISC
usememos — memos	Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4683 CONFIRM MISC
usememos — memos	Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4684 CONFIRM MISC
usememos — memos	Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4685 CONFIRM MISC
usememos — memos	Improper Authentication in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4686 MISC CONFIRM
usememos — memos	Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4687 CONFIRM MISC
mozilla — firefox	An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.	2022-12-22	not yet calculated	CVE-2022-46871 MISC MISC
mozilla — multiple_products	An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.	2022-12-22	not yet calculated	CVE-2022-46872 MISC MISC MISC MISC
mozilla — firefox	Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document. This vulnerability affects Firefox < 108.	2022-12-22	not yet calculated	CVE-2022-46873 MISC MISC
mozilla — multiple_products	A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.<br/>Note: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6.	2022-12-22	not yet calculated	CVE-2022-46874 MISC MISC MISC MISC MISC
mozilla — multiple_products	The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user’s computer. <br>Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.	2022-12-22	not yet calculated	CVE-2022-46875 MISC MISC MISC MISC
mozilla — firefox	By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108.	2022-12-22	not yet calculated	CVE-2022-46877 MISC MISC
mozilla — multiple_products	Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.	2022-12-22	not yet calculated	CVE-2022-46878 MISC MISC MISC MISC
mozilla — firefox	Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108.	2022-12-22	not yet calculated	CVE-2022-46879 MISC MISC
usememos — memos	Improper Authorization in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4688 CONFIRM MISC
mozilla — multiple_products	A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />Note: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6.	2022-12-22	not yet calculated	CVE-2022-46880 MISC MISC MISC MISC
mozilla — multiple_products	An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.	2022-12-22	not yet calculated	CVE-2022-46881 MISC MISC MISC MISC
mozilla — multiple_products	A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.	2022-12-22	not yet calculated	CVE-2022-46882 MISC MISC MISC MISC
mozilla — firefox	Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />Note: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107.	2022-12-22	not yet calculated	CVE-2022-46883 MISC MISC
mozilla — firefox	Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106.	2022-12-22	not yet calculated	CVE-2022-46885 MISC MISC
usememos — memos	Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4689 CONFIRM MISC
usememos — memos	Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4690 CONFIRM MISC
tp-link — multiple_products	An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.	2022-12-20	not yet calculated	CVE-2022-46910 MISC MISC
tp-link — multiple_products	An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.	2022-12-20	not yet calculated	CVE-2022-46912 MISC MISC
tp-link — multiple_products	An issue in the firmware update process of TP-LINK TL-WA801N / TL-WA801ND V1 v3.12.16 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.	2022-12-20	not yet calculated	CVE-2022-46914 MISC MISC
usememos — memos	Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.0.	2022-12-23	not yet calculated	CVE-2022-4692 CONFIRM MISC
wordpress — wordpress	The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_user_cover_default_image_url’ parameter in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.	2022-12-23	not yet calculated	CVE-2022-4697 MISC MISC
wordpress — wordpress	The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several form fields in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.	2022-12-23	not yet calculated	CVE-2022-4698 MISC MISC
solarwinds– hybrid_cloud_observability	Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected	2022-12-19	not yet calculated	CVE-2022-47512 MISC MISC
f-secure_safe_browser — f-secure_safe_browser	F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.	2022-12-23	not yet calculated	CVE-2022-47524 CONFIRM
gossipsub — gossipsub	GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages.	2022-12-19	not yet calculated	CVE-2022-47547 MISC
optee_os — optee_os	An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault injections.	2022-12-19	not yet calculated	CVE-2022-47549 MISC MISC
apiman — apiman	Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project’s accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before 3.0.0.Final. Because of this, 3.0.0.Final is not affected by the vulnerability.	2022-12-20	not yet calculated	CVE-2022-47551 MISC MISC
zoho — manageengine_device_control_plus	An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions by making use of a virtual machine (VM). This allows a file to be exchanged outside the laptop/system. VMs can be created by any user (even without admin rights). The data exfiltration can occur without any record in the audit trail of Windows events on the host machine.	2022-12-20	not yet calculated	CVE-2022-47577 MISC MISC
zoho — manageengine_device_control_plus	An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions by booting into Safe Mode. This allows a file to be exchanged outside the laptop/system. Safe Mode can be launched by any user (even without admin rights). Data exfiltration can occur, and also malware might be introduced onto the system.	2022-12-20	not yet calculated	CVE-2022-47578 MISC MISC
isode_m-vault — isode_m-vault	Isode M-Vault 16.0v0 through 17.x before 17.0v24 can crash upon an LDAP v1 bind request.	2022-12-21	not yet calculated	CVE-2022-47581 MISC
libksba — libksba	Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.	2022-12-20	not yet calculated	CVE-2022-47629 MISC MISC DEBIAN MLIST
kyverno — kyverno	An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases.	2022-12-23	not yet calculated	CVE-2022-47633 MISC MISC MISC CONFIRM MISC
wildix_wms — wildix_wms	Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows Server-side request forgery (SSRF) via ZohoClient.php.	2022-12-21	not yet calculated	CVE-2022-47635 CONFIRM
jetbrains — intellij-idea	In JetBrains IntelliJ IDEA before 2022.3.1 the “Validate JSP File” action used the HTTP protocol to download required JAR files.	2022-12-22	not yet calculated	CVE-2022-47895 MISC
jetbrains — intellij-idea	In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks.	2022-12-22	not yet calculated	CVE-2022-47896 MISC
ayacms — ayacms	AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php	2022-12-22	not yet calculated	CVE-2022-47926 MISC
misp — misp	In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.	2022-12-22	not yet calculated	CVE-2022-47928 MISC
io_finnet_tss-lib — io_finnet_tss-lib	IO FinNet tss-lib before 2.0.0 allows a collision of hash values.	2022-12-23	not yet calculated	CVE-2022-47931 MISC MISC
brave_browser — brave_browser	Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933.	2022-12-24	not yet calculated	CVE-2022-47932 MISC MISC MISC MISC
brave_browser — brave_browser	Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest_IPFSRedirectWork() in ipfs_redirect_network_delegate_helper.cc.	2022-12-24	not yet calculated	CVE-2022-47933 MISC MISC MISC MISC MISC
brave_browser — brave_browser	Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by an incomplete fix for CVE-2022-47932 and CVE-2022-47934.	2022-12-24	not yet calculated	CVE-2022-47934 MISC MISC MISC MISC MISC
linux — ksmbd	An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.	2022-12-23	not yet calculated	CVE-2022-47938 MISC MISC MISC MLIST
linux — ksmbd	An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.	2022-12-23	not yet calculated	CVE-2022-47939 MISC MISC MISC MLIST
linux — ksmbd	An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write.	2022-12-23	not yet calculated	CVE-2022-47940 MISC MISC MISC MLIST
linux — ksmbd	An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak.	2022-12-23	not yet calculated	CVE-2022-47941 MISC MISC MISC MLIST
linux — ksmbd	An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.	2022-12-23	not yet calculated	CVE-2022-47942 MISC MISC MISC MLIST
linux — ksmbd	An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.	2022-12-23	not yet calculated	CVE-2022-47943 MISC MISC MISC MLIST
thinkphp_framework — thinkphp_framework	ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.	2022-12-23	not yet calculated	CVE-2022-47945 MISC MISC MISC
linux — kernel	An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.	2022-12-23	not yet calculated	CVE-2022-47946 MISC MISC
nintendo — networkbuffer	The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execute arbitrary code via a large UDP packet that causes a buffer overflow, aka ENLBufferPwn. The victim must join a game session with the attacker. Other affected products include Mario Kart 7 before 1.2, Mario Kart 8, Mario Kart 8 Deluxe before 2.1.0, ARMS before 5.4.1, Splatoon, Splatoon 2 before 5.5.1, Splatoon 3 before late 2022, Super Mario Maker 2 before 3.0.2, and Nintendo Switch Sports before late 2022.	2022-12-24	not yet calculated	CVE-2022-47949 MISC

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Vulnerability Summary for the Week of December 12, 2022

Post author By admin
Post date December 19, 2022

Original release date: December 19, 2022

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
hp — futuresmart_5	A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Denial of Service when running HP Workpath solutions on potentially affected products.	2022-12-12	9.8	CVE-2021-3821 MISC
google — android	In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239210579	2022-12-13	9.8	CVE-2022-20472 MISC
google — android	In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239267173	2022-12-13	9.8	CVE-2022-20473 MISC
cycle-import-check_project — cycle-import-check	The package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization.	2022-12-14	9.8	CVE-2022-24377 CONFIRM CONFIRM
citrix — application_delivery_controller_firmware	Unauthenticated remote arbitrary code execution	2022-12-13	9.8	CVE-2022-27518 MISC
zephyrproject — zephyr	There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet.	2022-12-09	9.8	CVE-2022-2993 MISC
vmware — vrealize_network_insight	vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.	2022-12-14	9.8	CVE-2022-31702 MISC
arubanetworks — sd-wan	There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.	2022-12-12	9.8	CVE-2022-37897 MISC
hpe — officeconnect_1820_j9979a_firmware	A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;	2022-12-12	9.8	CVE-2022-37932 MISC
hcltechsw — hcl_commerce	HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes.	2022-12-12	9.8	CVE-2022-38656 MISC
boxystudio — cooked	The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipe_args parameter before unserializing it in the cooked_loadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection vulnerability.	2022-12-12	9.8	CVE-2022-3900 MISC
wedevs — dokan	The Dokan WordPress plugin before 3.7.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users	2022-12-12	9.8	CVE-2022-3915 MISC
themographics — listingo	The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE	2022-12-12	9.8	CVE-2022-3921 MISC
wpdevart — booking_calendar	The Booking calendar, Appointment Booking System WordPress plugin before 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE	2022-12-12	9.8	CVE-2022-3982 MISC
daikinlatam — svmpc2	Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an attacker obtaining user login credentials and control the system.	2022-12-13	9.8	CVE-2022-41653 MISC
rxvt-unicode_project — rxvt-unicode	The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user’s terminal and certain options are set.	2022-12-09	9.8	CVE-2022-4170 MISC MISC
ikus-soft — rdiffweb	Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2.	2022-12-12	9.8	CVE-2022-4314 MISC CONFIRM
siemens — sicam_pas	A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xp_cmdshell feature unauthenticated remote attackers could execute custom OS commands. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.	2022-12-13	9.8	CVE-2022-43724 CONFIRM
mingsoft — mcms	A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has been classified as critical. Affected is an unknown function of the file /cms/category/list. The manipulation of the argument sqlWhere leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.2.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215196.	2022-12-09	9.8	CVE-2022-4375 MISC MISC
nodau_project — nodau	A vulnerability was found in TicklishHoneyBee nodau. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/db.c. The manipulation of the argument value/name leads to sql injection. The name of the patch is 7a7d737a3929f335b9717ddbd31db91151b69ad2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215252.	2022-12-10	9.8	CVE-2022-4399 MISC MISC MISC
corebos — corebos	PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.	2022-12-13	9.8	CVE-2022-4446 MISC CONFIRM
dlink — dir-3040_firmware	D-Link DIR-3040 device with firmware 120B03 was discovered to contain a command injection vulnerability via the SetTriggerLEDBlink function.	2022-12-14	9.8	CVE-2022-44832 MISC MISC
scif — scifio	A vulnerability classified as critical was found in scifio. Affected by this vulnerability is the function downloadAndUnpackResource of the file src/test/java/io/scif/util/DefaultSampleFilesService.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215803.	2022-12-14	9.8	CVE-2022-4493 N/A N/A
mcp_mapping_viewer_project — mcp_mapping_viewer	A vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer. Affected by this issue is the function extractZip of the file src/main/java/bspkrs/mmv/RemoteZipHandler.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack may be launched remotely. The name of the patch is 6e602746c96b4756c271d080dae7d22ad804a1bd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215804.	2022-12-14	9.8	CVE-2022-4494 N/A N/A
ip-com — ew9_firmware	IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.	2022-12-13	9.8	CVE-2022-45005 MISC
call-cc — chicken	egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.	2022-12-10	9.8	CVE-2022-45145 MISC MISC MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.	2022-12-14	9.8	CVE-2022-46071 MISC
helmet_store_showroom_project — helmet_store_showroom	Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL Injection.	2022-12-14	9.8	CVE-2022-46072 MISC
codecentric — spring_boot_admin	Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. Users unable to upgrade may disable any notifier or disable write access (POST request) on `/env` actuator endpoint.	2022-12-09	9.8	CVE-2022-46166 MISC MISC
github — enterprise_server	An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new content to prevent an arbitrary file overwrite bug. This vulnerability affected only version 3.7.0 of GitHub Enterprise Server and was fixed in version 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program.	2022-12-14	9.8	CVE-2022-46255 MISC
siemens — 6gk5204-0ba00-2mb2_firmware	A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.	2022-12-13	9.8	CVE-2022-46353 CONFIRM
apache — cxf	A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.	2022-12-13	9.8	CVE-2022-46364 MISC
python3-restfulapi_project — python3-restfulapi	Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.	2022-12-14	9.8	CVE-2022-46609 MISC MISC MISC MISC
jenkins — plot	Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.	2022-12-12	9.8	CVE-2022-46682 MISC
sqlite — sqlite	SQLite through 3.40.0, when relying on –safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.	2022-12-12	9.8	CVE-2022-46908 MISC MISC MISC
vsphere_selfuse_project — vsphere_selfuse	vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.	2022-12-14	9.8	CVE-2022-46996 MISC MISC MISC
passhunt_project — passhunt	Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.	2022-12-14	9.8	CVE-2022-46997 MISC MISC MISC
microsoft — 365_apps	Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47212, CVE-2022-47213.	2022-12-13	9.8	CVE-2022-47211 MISC
sap — netweaver_process_integration	An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PI) – version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability affects local users and data, leading to a considerable impact on confidentiality as well as availability and a limited impact on the integrity of the application. These operations can be used to: * Read any information * Modify sensitive information * Denial of Service attacks (DoS) * SQL Injection	2022-12-13	9.4	CVE-2022-41271 MISC MISC
kingspan — tms300_cs_firmware	Due to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver.	2022-12-13	9.1	CVE-2022-2757 MISC
kbase_doc_project — kbase_doc	Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /web/IndexController.java.	2022-12-09	9.1	CVE-2022-45290 MISC
fp_newsletter_project — fp_newsletter	An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people.	2022-12-14	9.1	CVE-2022-47408 MISC
proxmox — virtual_environment	A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.	2022-12-14	9	CVE-2022-31358 MISC MISC MISC MISC
google — android	In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-232023771	2022-12-13	8.8	CVE-2022-20411 MISC
google — android	In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-230867224	2022-12-13	8.8	CVE-2022-20469 MISC
cisco — ata_190_firmware	Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read of the valid Cisco Discovery Protocol packet data, which could allow the attacker to cause corruption in the internal Cisco Discovery Protocol database of the affected device.	2022-12-12	8.8	CVE-2022-20689 MISC
cisco — ata_190_firmware	Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read of the valid Cisco Discovery Protocol packet data, which could allow the attacker to cause corruption in the internal Cisco Discovery Protocol database of the affected device.	2022-12-12	8.8	CVE-2022-20690 MISC
cisco — ip_phone_7811_firmware	A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.	2022-12-12	8.8	CVE-2022-20968 MISC
typo3 — typo3	TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible to inject code instructions to be processed and executed via TypoScript as PHP code. The existence of individual TypoScript instructions for a particular form item and a valid backend user account with access to the form module are needed to exploit this vulnerability. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.	2022-12-14	8.8	CVE-2022-23503 MISC
cube — cube.js	cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade to 0.31.24 or to downgrade to 0.31.22. There are no known workarounds for this vulnerability.	2022-12-09	8.8	CVE-2022-23510 MISC MISC MISC
vmware — esxi	VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.	2022-12-13	8.8	CVE-2022-31696 MISC
averta — shortcodes_and_extra_features_for_phlox_theme	The Shortcodes and extra features for Phlox WordPress plugin through 2.10.5 unserializes the content of an imported file, which could lead to PHP object injection when a user imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.	2022-12-12	8.8	CVE-2022-3359 MISC
apache — atlas	A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0.	2022-12-14	8.8	CVE-2022-34271 MISC
devolutions — remote_desktop_manager	Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.	2022-12-12	8.8	CVE-2022-3641 MISC
spip — spip	RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via a GET parameter	2022-12-14	8.8	CVE-2022-37155 MISC
arubanetworks — arubaos	Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.	2022-12-12	8.8	CVE-2022-37898 MISC
arubanetworks — arubaos	A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise the underlying host operating system.	2022-12-12	8.8	CVE-2022-37903 MISC
arubanetworks — sd-wan	Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system.	2022-12-12	8.8	CVE-2022-37904 MISC
arubanetworks — sd-wan	Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system.	2022-12-12	8.8	CVE-2022-37905 MISC
arubanetworks — sd-wan	Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.	2022-12-12	8.8	CVE-2022-37912 MISC
icegram — email_subscribers_&_newsletters	The Icegram Express WordPress plugin before 5.5.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscriber	2022-12-12	8.8	CVE-2022-3981 MISC
wut — com-server_++_firmware	Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. During an authenticated session to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by crafting modified HTTP Get requests. This may result in a complete takeover of the device.	2022-12-13	8.8	CVE-2022-4098 MISC
microsoft — .net	.NET Framework Remote Code Execution Vulnerability.	2022-12-13	8.8	CVE-2022-41089 MISC
sap — basis	Due to the unrestricted scope of the RFC function module, SAP BASIS – versions 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, 791, allows an authenticated non-administrator attacker to access a system class and execute any of its public methods with parameters provided by the attacker. On successful exploitation the attacker can have full control of the system to which the class belongs, causing a high impact on the integrity of the application.	2022-12-13	8.8	CVE-2022-41264 MISC MISC
sap — business_objects_business_intelligence_platform	SAP Business Objects Platform – versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.	2022-12-13	8.8	CVE-2022-41267 MISC MISC
ibm — db2	IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.	2022-12-12	8.8	CVE-2022-41296 MISC MISC
deltaww — dvw-w02w2-e2_firmware	Delta Electronics DVW-W02W2-E2 1.5.0.10 is vulnerable to Command Injection via Crafted URL.	2022-12-14	8.8	CVE-2022-42139 MISC
arm — bifrost_gpu_kernel_driver	An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.	2022-12-12	8.8	CVE-2022-42716 MISC
arubanetworks — edgeconnect_enterprise	Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	8.8	CVE-2022-43542 MISC
canteen_management_system_project — canteen_management_system	A vulnerability classified as critical was found in SourceCodester Canteen Management System. This vulnerability affects unknown code of the file ajax_represent.php. The manipulation of the argument customer_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215272.	2022-12-11	8.8	CVE-2022-4403 MISC MISC
mxsdoc_project — mxsdoc	A vulnerability was found in RainyGao DocSys. It has been declared as critical. This vulnerability affects the function getReposAllUsers of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the argument searchWord/reposId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-215278 is the identifier assigned to this vulnerability.	2022-12-12	8.8	CVE-2022-4416 N/A N/A
google — chrome	Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	2022-12-14	8.8	CVE-2022-4436 MISC MISC
google — chrome	Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	2022-12-14	8.8	CVE-2022-4437 MISC MISC
google — chrome	Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	2022-12-14	8.8	CVE-2022-4438 MISC MISC
google — chrome	Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: High)	2022-12-14	8.8	CVE-2022-4439 MISC MISC
google — chrome	Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)	2022-12-14	8.8	CVE-2022-4440 MISC MISC
microsoft — sharepoint_foundation	Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44693.	2022-12-13	8.8	CVE-2022-44690 MISC
microsoft — sharepoint_foundation	Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44690.	2022-12-13	8.8	CVE-2022-44693 MISC
tenda — ax12_firmware	Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set.	2022-12-12	8.8	CVE-2022-45043 MISC
open-emr — openemr	Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2.	2022-12-15	8.8	CVE-2022-4506 CONFIRM MISC
sens_project — sens	SENS v1.0 has a file upload vulnerability.	2022-12-12	8.8	CVE-2022-45759 MISC
sens_project — sens	SENS v1.0 is vulnerable to Incorrect Access Control vulnerability.	2022-12-12	8.8	CVE-2022-45760 MISC
alist_project — alist	Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder (even a password protected one).	2022-12-12	8.8	CVE-2022-45968 MISC
tenda — ax12_firmware	Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function.	2022-12-12	8.8	CVE-2022-45977 MISC
tenda — ax12_firmware	Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .	2022-12-12	8.8	CVE-2022-45980 MISC
helmet_store_showroom_project — helmet_store_showroom	Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated user can add an admin account due to missing CSRF protection.	2022-12-14	8.8	CVE-2022-46074 MISC
akeneo — product_information_management	Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions aforementioned provides patched Apache HTTP server configuration file, for docker setup and in documentation sample, to fix this vulnerability. Community Edition users must change their Apache HTTP server configuration accordingly to be protected. The patch for Cloud Based Akeneo PIM Services customers has been applied since 30th October 2022. Users are advised to upgrade. Users unable to upgrade may Replace any reference to `<FilesMatch .php$>` in their apache httpd configurations with: `<Location “/index.php”>`.	2022-12-09	8.8	CVE-2022-46157 MISC MISC
github — enterprise_server	A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the instance. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, 3.6.5 and 3.7.2. This vulnerability was reported via the GitHub Bug Bounty program.	2022-12-14	8.8	CVE-2022-46256 MISC MISC MISC MISC MISC
bangresto_project — bangresto	mesinkasir Bangresto 1.0 is vulnberable to SQL Injection via the itemqty%5B%5D parameter.	2022-12-14	8.8	CVE-2022-46443 MISC
gnu — grub2	A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.	2022-12-14	8.6	CVE-2022-2601 MISC
sap — netweaver_process_integration	An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) – version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.	2022-12-13	8.6	CVE-2022-41272 MISC MISC
microsoft — windows_server_2008	PowerShell Remote Code Execution Vulnerability.	2022-12-13	8.5	CVE-2022-41076 MISC
microsoft — dynamics_nav	Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability.	2022-12-13	8.5	CVE-2022-41127 MISC
google — android	In several functions of inputDispatcher.cpp, there is a possible way to make toasts clickable due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-197296414	2022-12-13	8.4	CVE-2022-20444 MISC
tibco — jasperreports_server	The HTML escaping component of TIBCO Software Inc.’s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server – Community Edition, TIBCO JasperReports Server – Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure, and TIBCO JasperReports Server for Microsoft Azure contains an easily exploitable vulnerability that allows a privileged/administrative attacker with network access to execute an XSS attack on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO JasperReports Server: versions 8.0.2 and below, TIBCO JasperReports Server: version 8.1.0, TIBCO JasperReports Server – Community Edition: versions 8.1.0 and below, TIBCO JasperReports Server – Developer Edition: versions 8.1.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.2 and below, TIBCO JasperReports Server for AWS Marketplace: version 8.1.0, TIBCO JasperReports Server for Microsoft Azure: versions 8.0.2 and below, and TIBCO JasperReports Server for Microsoft Azure: version 8.1.0.	2022-12-13	8.4	CVE-2022-41562 CONFIRM CONFIRM
microsoft — edge_chromium	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.	2022-12-13	8.3	CVE-2022-44708 MISC
metersphere — metersphere	MeterSphere is a one-stop open source continuous testing platform. Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService, which uses the user-provided value (testId) in new File(BODY_FILE_DIR + “/” + testId), being deleted later by file.delete(). By adding some camouflage parameters to the url, an attacker can target files on the server. The vulnerability has been fixed in v2.4.1.	2022-12-14	8.1	CVE-2022-23512 MISC
qualcomm — apq8009_firmware	Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables	2022-12-13	8.1	CVE-2022-33268 CONFIRM
arubanetworks — sd-wan	An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of the vulnerability results in the ability to delete arbitrary files on the underlying operating system.	2022-12-12	8.1	CVE-2022-37906 MISC
dpdgroup — woocommerce_shipping	The WooCommerce Shipping WordPress plugin through 1.2.11 does not have authorisation and CRSF in an AJAX action, which could allow any authenticated users, such as subscriber to delete arbitrary options from the blog, which could make the blog unavailable.	2022-12-12	8.1	CVE-2022-3999 MISC
microsoft — windows_server_2008	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44676.	2022-12-13	8.1	CVE-2022-44670 MISC
microsoft — windows_server_2008	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44670.	2022-12-13	8.1	CVE-2022-44676 MISC
siemens — mendix_email_connector	A vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information.	2022-12-13	8.1	CVE-2022-45936 CONFIRM
siemens — mendix_workflow_commons	A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read or delete sensitive information.	2022-12-13	8.1	CVE-2022-46664 CONFIRM
msi — wrapper	EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates.	2022-12-13	7.8	CVE-2021-32415 MISC MISC MISC
google — android	In the user interface buttons of PermissionController, there is a possible way to bypass permissions dialogs due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-175190844	2022-12-13	7.8	CVE-2021-39617 MISC
google — android	In bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-234013191	2022-12-13	7.8	CVE-2022-20470 MISC
google — android	In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240138294	2022-12-13	7.8	CVE-2022-20474 MISC
google — android	In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets allowTaskReparenting=”true” due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-240663194	2022-12-13	7.8	CVE-2022-20475 MISC
google — android	In shouldHideNotification of KeyguardNotificationVisibilityProvider.kt, there is a possible way to show hidden notifications due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-241611867	2022-12-13	7.8	CVE-2022-20477 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764135	2022-12-13	7.8	CVE-2022-20478 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764340	2022-12-13	7.8	CVE-2022-20479 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764350	2022-12-13	7.8	CVE-2022-20480 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242702851	2022-12-13	7.8	CVE-2022-20484 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242702935	2022-12-13	7.8	CVE-2022-20485 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703118	2022-12-13	7.8	CVE-2022-20486 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703202	2022-12-13	7.8	CVE-2022-20487 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703217	2022-12-13	7.8	CVE-2022-20488 MISC
google — android	In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703556	2022-12-13	7.8	CVE-2022-20491 MISC
google — android	In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243849844	2022-12-13	7.8	CVE-2022-20495 MISC
google — android	In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242996180	2022-12-13	7.8	CVE-2022-20611 MISC
qualcomm — apq8096au_firmware	Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking	2022-12-13	7.8	CVE-2022-25677 CONFIRM
qualcomm — aqt1000_firmware	Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile	2022-12-13	7.8	CVE-2022-25681 CONFIRM
qualcomm — apq8009_firmware	Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables	2022-12-13	7.8	CVE-2022-25682 CONFIRM
qualcomm — apq8009_firmware	Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables	2022-12-13	7.8	CVE-2022-25695 CONFIRM
qualcomm — sd_8_gen1_5g_firmware	Memory corruption in i2c buses due to improper input validation while reading address configuration from i2c driver in Snapdragon Mobile, Snapdragon Wearables	2022-12-13	7.8	CVE-2022-25697 CONFIRM
qualcomm — sd_8_gen1_5g_firmware	Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables	2022-12-13	7.8	CVE-2022-25698 CONFIRM
qualcomm — aqt1000_firmware	Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables	2022-12-13	7.8	CVE-2022-25711 CONFIRM
qualcomm — aqt1000_firmware	Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables	2022-12-13	7.8	CVE-2022-25712 CONFIRM
microsoft — 365_apps	Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213.	2022-12-13	7.8	CVE-2022-26804 MISC
microsoft — 365_apps	Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213.	2022-12-13	7.8	CVE-2022-26805 MISC
microsoft — 365_apps	Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213.	2022-12-13	7.8	CVE-2022-26806 MISC
secomea — gatemanager	A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7.	2022-12-09	7.8	CVE-2022-2752 MISC
altair — hyperview_player	Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation.	2022-12-13	7.8	CVE-2022-2947 MISC
altair — hyperview_player	Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.	2022-12-13	7.8	CVE-2022-2949 MISC
google — google_search	There exists a path traversal vulnerability in the Android Google Search app. This is caused by the incorrect usage of uri.getLastPathSegment. A symbolic encoded string can bypass the path logic to get access to unintended directories. An attacker can manipulate paths that could lead to code execution on the device. We recommend upgrading beyond version 13.41	2022-12-13	7.8	CVE-2022-29580 MISC
wp_csv_exporter_project — wp_csv_exporter	The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability.	2022-12-12	7.8	CVE-2022-3605 MISC
hp — support_assistant	HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.	2022-12-12	7.8	CVE-2022-38395 MISC
microsoft — windows_server_2008	Windows Fax Compose Form Elevation of Privilege Vulnerability.	2022-12-13	7.8	CVE-2022-41077 MISC
microsoft — windows_server_2012	Windows Hyper-V Elevation of Privilege Vulnerability.	2022-12-13	7.8	CVE-2022-41094 MISC
microsoft — windows_server_2008	Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-44671, CVE-2022-44680, CVE-2022-44697.	2022-12-13	7.8	CVE-2022-41121 MISC
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.	2022-12-13	7.8	CVE-2022-41281 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.	2022-12-13	7.8	CVE-2022-41282 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.	2022-12-13	7.8	CVE-2022-41283 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.	2022-12-13	7.8	CVE-2022-41284 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.	2022-12-13	7.8	CVE-2022-41285 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.	2022-12-13	7.8	CVE-2022-41286 CONFIRM
siemens — star-ccm+	A vulnerability has been identified in Simcenter STAR-CCM+ (All versions). The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated privileges.	2022-12-13	7.8	CVE-2022-43517 CONFIRM
siemens — sicam_pas	A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that requires this DLL. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.	2022-12-13	7.8	CVE-2022-43722 CONFIRM
radare — radare2	Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.	2022-12-10	7.8	CVE-2022-4398 MISC CONFIRM
trendmicro — apex_one	An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	2022-12-12	7.8	CVE-2022-44649 MISC MISC
trendmicro — apex_one	A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	2022-12-12	7.8	CVE-2022-44650 MISC MISC
trendmicro — apex_one	An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	2022-12-12	7.8	CVE-2022-44652 MISC MISC
trendmicro — apex_one	A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	2022-12-12	7.8	CVE-2022-44653 MISC MISC
microsoft — windows_server_2008	Windows Contacts Remote Code Execution Vulnerability.	2022-12-13	7.8	CVE-2022-44666 MISC
microsoft — windows_server_2008	Windows Media Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44668.	2022-12-13	7.8	CVE-2022-44667 MISC
microsoft — windows_server_2008	Windows Media Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44667.	2022-12-13	7.8	CVE-2022-44668 MISC
microsoft — windows_10	Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44680, CVE-2022-44697.	2022-12-13	7.8	CVE-2022-44671 MISC
microsoft — windows_server_2008	Windows Bluetooth Driver Elevation of Privilege Vulnerability.	2022-12-13	7.8	CVE-2022-44675 MISC
microsoft — windows_server_2019	Windows Projected File System Elevation of Privilege Vulnerability.	2022-12-13	7.8	CVE-2022-44677 MISC
microsoft — windows_server_2008	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-44681.	2022-12-13	7.8	CVE-2022-44678 MISC
microsoft — windows_server_2012	Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44671, CVE-2022-44697.	2022-12-13	7.8	CVE-2022-44680 MISC
microsoft — windows_server_2008	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-44678.	2022-12-13	7.8	CVE-2022-44681 MISC
microsoft — windows_server_2012	Windows Kernel Elevation of Privilege Vulnerability.	2022-12-13	7.8	CVE-2022-44683 MISC
microsoft — raw_image_extension	Raw Image Extension Remote Code Execution Vulnerability.	2022-12-13	7.8	CVE-2022-44687 MISC
microsoft — windows_server_2019	Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability.	2022-12-13	7.8	CVE-2022-44689 MISC
microsoft — office	Microsoft Office OneNote Remote Code Execution Vulnerability.	2022-12-13	7.8	CVE-2022-44691 MISC
microsoft — office	Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213.	2022-12-13	7.8	CVE-2022-44692 MISC
microsoft — 365_apps	Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44695, CVE-2022-44696.	2022-12-13	7.8	CVE-2022-44694 MISC
microsoft — visio	Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44694, CVE-2022-44696.	2022-12-13	7.8	CVE-2022-44695 MISC
microsoft — 365_apps	Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44694, CVE-2022-44695.	2022-12-13	7.8	CVE-2022-44696 MISC
microsoft — windows_server_2008	Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44671, CVE-2022-44680.	2022-12-13	7.8	CVE-2022-44697 MISC
microsoft — terminal	Windows Terminal Remote Code Execution Vulnerability.	2022-12-13	7.8	CVE-2022-44702 MISC
microsoft — windows_sysmon	Microsoft Windows Sysmon Elevation of Privilege Vulnerability.	2022-12-13	7.8	CVE-2022-44704 MISC
microsoft — windows_11	DirectX Graphics Kernel Elevation of Privilege Vulnerability.	2022-12-13	7.8	CVE-2022-44710 MISC
asus — aura_sync	The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing attackers to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted IOCTL requests.	2022-12-14	7.8	CVE-2022-44898 MISC MISC MISC
quarkslab — binbloom	Binbloom 2.0 was discovered to contain a heap buffer overflow via the read_pointer function at /binbloom-master/src/helpers.c.	2022-12-14	7.8	CVE-2022-44910 MISC
siemens — parasolid	A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19070)	2022-12-13	7.8	CVE-2022-46345 CONFIRM
siemens — parasolid	A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19071)	2022-12-13	7.8	CVE-2022-46346 CONFIRM
siemens — parasolid	A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19079)	2022-12-13	7.8	CVE-2022-46347 CONFIRM
siemens — parasolid	A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383)	2022-12-13	7.8	CVE-2022-46348 CONFIRM
siemens — parasolid	A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19384)	2022-12-13	7.8	CVE-2022-46349 CONFIRM
microsoft — 365_apps	Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47213.	2022-12-13	7.8	CVE-2022-47212 MISC
microsoft — 365_apps	Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212.	2022-12-13	7.8	CVE-2022-47213 MISC
siemens — simatic_s7-plcsim_advanced_firmware	A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don’t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.	2022-12-13	7.5	CVE-2021-40365 CONFIRM
siemens — simatic_s7-plcsim_advanced_firmware	A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don’t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.	2022-12-13	7.5	CVE-2021-44693 CONFIRM
siemens — simatic_s7-plcsim_advanced_firmware	A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don’t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.	2022-12-13	7.5	CVE-2021-44694 CONFIRM
siemens — simatic_s7-plcsim_advanced_firmware	A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don’t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.	2022-12-13	7.5	CVE-2021-44695 CONFIRM
google — android	In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242459126	2022-12-13	7.5	CVE-2022-20483 MISC
freshrss — freshrss	FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords (brypt with cost 9, salted) of FreshRSS Web interface. If the API is used, the configuration might contain a hashed password (brypt with cost 9, salted) of the GReader API, and a hashed password (MD5 salted) of the Fever API. Users should update to version 1.20.2 or edge. Users unable to upgrade can apply the patch manually or delete the file `./FreshRSS/p/ext.php`.	2022-12-09	7.5	CVE-2022-23497 MISC MISC MISC
typo3 — typo3	TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively – amplifying the impact of the initial attack until the limits of the web server are exceeded. This vulnerability is very similar, but not identical, to the one described in CVE-2021-21359. This issue is patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20 or 12.1.1.	2022-12-14	7.5	CVE-2022-23500 MISC
auth0 — passport-wsfed-saml2	Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession of an arbitrary IDP signed assertion. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. This issue is patched in version 4.6.3. Use of SAML2 authentication instead of WSFed is a workaround.	2022-12-13	7.5	CVE-2022-23505 MISC
rails_html_sanitizer_project — rails_html_sanitizer	rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer < 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue has been patched in version 1.4.4.	2022-12-14	7.5	CVE-2022-23517 MISC MISC MISC
qualcomm — ar8035_firmware	Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile	2022-12-13	7.5	CVE-2022-25672 CONFIRM
qualcomm — ar8035_firmware	Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile	2022-12-13	7.5	CVE-2022-25673 CONFIRM
qualcomm — apq8009_firmware	Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables	2022-12-13	7.5	CVE-2022-25685 CONFIRM
qualcomm — ar8035_firmware	Denial of service in Modem due to reachable assertion in Snapdragon Mobile	2022-12-13	7.5	CVE-2022-25689 CONFIRM
qualcomm — ar8035_firmware	Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile	2022-12-13	7.5	CVE-2022-25691 CONFIRM
qualcomm — ar8035_firmware	Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables	2022-12-13	7.5	CVE-2022-25692 CONFIRM
qualcomm — apq8009_firmware	Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables	2022-12-13	7.5	CVE-2022-25702 CONFIRM
bluetooth — bluetooth_core_specification	Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connections Passkey Pairing with the pairing Responder and brute forces the Passkey entered by the user into the Initiator. The MITM attacker can use the identified Passkey value to complete authentication with the Responder via Bluetooth pairing method confusion.	2022-12-12	7.5	CVE-2022-25836 CONFIRM
bluetooth — bluetooth_core_specification	Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM negotiates BR/EDR Secure Simple Pairing in Secure Connections mode using the Passkey association model with the pairing Initiator and BR/EDR Legacy PIN code pairing with the pairing Responder and brute forces the Passkey entered by the user into the Responder as a 6-digit PIN code. The MITM attacker can use the identified PIN code value as the Passkey value to complete authentication with the Initiator via Bluetooth pairing method confusion.	2022-12-12	7.5	CVE-2022-25837 CONFIRM
deltaww — dialink	Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine.	2022-12-13	7.5	CVE-2022-2660 MISC
hp — pagewide_352dw_j6u57a_firmware	Certain HP PageWide Pro Printers may be vulnerable to a potential denial of service attack.	2022-12-12	7.5	CVE-2022-2794 MISC
vmware — vrealize_network_insight	vRealize Network Insight (vRNI) directory traversal vulnerability in vRNI REST API. A malicious actor with network access to the vRNI REST API can read arbitrary files from the server.	2022-12-14	7.5	CVE-2022-31703 MISC
qualcomm — apq8009_firmware	Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking	2022-12-13	7.5	CVE-2022-33235 CONFIRM
qualcomm — apq8009_firmware	Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking	2022-12-13	7.5	CVE-2022-33238 CONFIRM
ifm — moneo_qha210_firmware	In IFM Moneo Appliance with version up to 1.9.3 an unauthenticated remote attacker can reset the administrator password by only supplying the serial number.	2022-12-12	7.5	CVE-2022-3485 MISC
google — protobuf-javalite	A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.	2022-12-12	7.5	CVE-2022-3509 MISC
google — protobuf-javalite	A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.	2022-12-12	7.5	CVE-2022-3510 MISC
wireshark — wireshark	Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows	2022-12-09	7.5	CVE-2022-3724 MISC MISC CONFIRM
arubanetworks — sd-wan	A vulnerability exists in the ArubaOS bootloader on 7xxx series controllers which can result in a denial of service (DoS) condition on an impacted system. A successful attacker can cause a system hang which can only be resolved via a power cycle of the impacted controller.	2022-12-12	7.5	CVE-2022-37907 MISC
arubanetworks — edgeconnect_enterprise	A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition which prevents the appliance from properly responding to API requests in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below;	2022-12-12	7.5	CVE-2022-37919 MISC
wpeverest — user_registration	The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example.	2022-12-12	7.5	CVE-2022-3912 MISC
openssl — openssl	If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy’ argument to the command line utilities or by calling either `X509_VERIFY_PARAM_add0_policy()’ or `X509_VERIFY_PARAM_set1_policies()’ functions.	2022-12-13	7.5	CVE-2022-3996 MISC MISC
sap — business_planning_and_consolidation	In some SAP standard roles in SAP Business Planning and Consolidation – versions – SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data.	2022-12-13	7.5	CVE-2022-41268 MISC MISC
superwhite — demon_image_annotation	The demon image annotation plugin for WordPress is vulnerable to improper input validation in versions up to, and including 5.0. This is due to the plugin improperly validating the number of characters supplied during an annotation despite there being a setting to limit the number characters input. This means that unauthenticated attackers can bypass the length restrictions and input more characters than allowed via the settings.	2022-12-13	7.5	CVE-2022-4171 MISC MISC
siemens — sicam_pas	A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the application crashes. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.	2022-12-13	7.5	CVE-2022-43723 CONFIRM
hp — m2u75a_firmware	Certain HP ENVY, OfficeJet, and DeskJet printers may be vulnerable to a Denial of Service attack.	2022-12-12	7.5	CVE-2022-43780 MISC
phpmyfaq — phpmyfaq	Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9.	2022-12-11	7.5	CVE-2022-4409 MISC CONFIRM
trendmicro — apex_one	Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the /SAFESEH memory protection mechanism which helps to monitor for malicious payloads. The affected component’s memory protection mechanism has been updated to enhance product security.	2022-12-12	7.5	CVE-2022-44654 MISC
microsoft — office	Microsoft Outlook for Mac Spoofing Vulnerability.	2022-12-13	7.5	CVE-2022-44713 MISC
interspire — email_marketer	Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.	2022-12-09	7.5	CVE-2022-44790 MISC
open-emr — openemr	Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2.	2022-12-15	7.5	CVE-2022-4504 MISC CONFIRM
siemens — siprotec_5_6md85_firmware	A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP200) (All versions), SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions), SIPROTEC 5 6MD86 devices (CPU variant CP200) (All versions), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7KE85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SA82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SA86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SA87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SD82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SD86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SD87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SJ81 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SJ82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SJ85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SJ86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SK82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SK85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SL82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SL86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SL87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SS85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7ST85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7UT82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7UT85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7UT86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7UT87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7VK87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions). Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack.	2022-12-13	7.5	CVE-2022-45044 CONFIRM
dragino — lg01_lora_firmware	The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication.	2022-12-12	7.5	CVE-2022-45227 MISC
gmaolinx — linx_sphere	A directory traversal vulnerability in the component SCS.Web.Server.SPI/1.0 of Linx Sphere LINX 7.35.ST15 allows attackers to read arbitrary files.	2022-12-12	7.5	CVE-2022-45269 MISC
jettison_project — jettison	A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.	2022-12-13	7.5	CVE-2022-45685 MISC
hutool — hutool	A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.	2022-12-13	7.5	CVE-2022-45688 MISC MISC
hutool — hutool	hutool-json v5.8.10 was discovered to contain an out of memory error.	2022-12-13	7.5	CVE-2022-45689 MISC
hutool — hutool	A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.	2022-12-13	7.5	CVE-2022-45690 MISC MISC
jettison_project — jettison	Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.	2022-12-13	7.5	CVE-2022-45693 MISC
f-secure — atlant	A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing ICAP request. The exploit can be triggered remotely by an attacker.	2022-12-13	7.5	CVE-2022-45871 MISC
zte — zxhn-h108ns_firmware	ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow.	2022-12-12	7.5	CVE-2022-45957 MISC
tenda — ax12_firmware	Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the ssid parameter at /goform/fast_setting_wifi_set .	2022-12-12	7.5	CVE-2022-45979 MISC
siemens — 6gk5204-0ba00-2mb2_firmware	A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products.	2022-12-13	7.5	CVE-2022-46352 CONFIRM
siemens — 6gk5204-0ba00-2mb2_firmware	A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The affected products are vulnerable to an “Exposure of Sensitive Information to an Unauthorized Actor” vulnerability by leaking sensitive data in the HTTP Referer.	2022-12-13	7.5	CVE-2022-46355 CONFIRM
apache — cxf	A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.	2022-12-13	7.5	CVE-2022-46363 MISC
fp_newsletter_project — fp_newsletter	An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations.	2022-12-14	7.5	CVE-2022-47409 MISC
fp_newsletter_project — fp_newsletter	An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations.	2022-12-14	7.5	CVE-2022-47410 MISC
fp_newsletter_project — fp_newsletter	An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations.	2022-12-14	7.5	CVE-2022-47411 MISC
redhat — openshift	Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.	2022-12-09	7.4	CVE-2022-3259 MISC
google — android	In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-176094367	2022-12-13	7.3	CVE-2022-20442 MISC
google — android	In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246933359	2022-12-13	7.3	CVE-2022-20501 MISC
github — enterprise_server	An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges. An attacker would require an account with admin access to install a malicious GitHub App. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, and 3.6.5. This vulnerability was reported via the GitHub Bug Bounty program.	2022-12-14	7.2	CVE-2022-23741 MISC MISC MISC MISC
arubanetworks — arubaos	Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.	2022-12-12	7.2	CVE-2022-37899 MISC
arubanetworks — arubaos	Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.	2022-12-12	7.2	CVE-2022-37900 MISC
arubanetworks — arubaos	Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.	2022-12-12	7.2	CVE-2022-37901 MISC
arubanetworks — arubaos	Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.	2022-12-12	7.2	CVE-2022-37902 MISC
arubanetworks — edgeconnect_enterprise	Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	7.2	CVE-2022-37920 MISC
arubanetworks — edgeconnect_enterprise	Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	7.2	CVE-2022-37921 MISC
arubanetworks — edgeconnect_enterprise	Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	7.2	CVE-2022-37922 MISC
arubanetworks — edgeconnect_enterprise	Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	7.2	CVE-2022-37923 MISC
arubanetworks — edgeconnect_enterprise	Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	7.2	CVE-2022-37924 MISC
buddybadges_project — buddybadges	The buddybadges WordPress plugin through 1.0.0 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users	2022-12-12	7.2	CVE-2022-3925 MISC MISC
tibco — jasperreports_server	The JNDI Data Sources component of TIBCO Software Inc.’s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server – Community Edition, TIBCO JasperReports Server – Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure, and TIBCO JasperReports Server for Microsoft Azure contains an easily exploitable vulnerability that allows a privileged/administrative attacker with network access to execute Remote Code Execution to obtain a reverse shell on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO JasperReports Server: versions 8.0.2 and below, TIBCO JasperReports Server: version 8.1.0, TIBCO JasperReports Server – Community Edition: versions 8.1.0 and below, TIBCO JasperReports Server – Developer Edition: versions 8.1.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.2 and below, TIBCO JasperReports Server for AWS Marketplace: version 8.1.0, TIBCO JasperReports Server for Microsoft Azure: versions 8.0.2 and below, and TIBCO JasperReports Server for Microsoft Azure: version 8.1.0.	2022-12-13	7.2	CVE-2022-41561 CONFIRM CONFIRM
deltaww — dx-2100-l1-cn_firmware	Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Command Injection via lform/net_diagnose.	2022-12-14	7.2	CVE-2022-42140 MISC
arubanetworks — edgeconnect_enterprise	Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	7.2	CVE-2022-43541 MISC
docsys_project — docsys	A vulnerability classified as critical has been found in RainyGao DocSys 2.02.37. This affects an unknown part of the component ZIP File Decompression Handler. The manipulation leads to path traversal: ‘../filedir’. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215271.	2022-12-11	7.2	CVE-2022-4402 N/A N/A N/A
arubanetworks — edgeconnect_enterprise	A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	7.2	CVE-2022-44533 MISC
automotive_shop_management_system_project — automotive_shop_management_system	Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /services/view_service.php.	2022-12-09	7.2	CVE-2022-44838 MISC
dynamic_transaction_queuing_system_project — dynamic_transaction_queuing_system	An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=save_settings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.	2022-12-12	7.2	CVE-2022-45275 MISC
tenda — w20e_firmware	Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output.	2022-12-12	7.2	CVE-2022-45996 MISC
tenda — w20e_firmware	Tenda W20E V16.01.0.6(3392) is vulnerable to Buffer Overflow.	2022-12-12	7.2	CVE-2022-45997 MISC
aerocms_project — aerocms	The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks.	2022-12-13	7.2	CVE-2022-46051 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=view_product&id=.	2022-12-14	7.2	CVE-2022-46117 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=product_per_brand&bid=.	2022-12-14	7.2	CVE-2022-46118 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=categories&c=.	2022-12-14	7.2	CVE-2022-46119 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/view_product&id=.	2022-12-14	7.2	CVE-2022-46120 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manage_product&id=.	2022-12-14	7.2	CVE-2022-46121 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/view_category.php?id=.	2022-12-14	7.2	CVE-2022-46122 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/manage_category.php?id=.	2022-12-14	7.2	CVE-2022-46123 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=user/manage_user&id=.	2022-12-14	7.2	CVE-2022-46124 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manage_client&id=.	2022-12-14	7.2	CVE-2022-46125 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/manage_brand.php?id=.	2022-12-14	7.2	CVE-2022-46126 MISC
helmet_store_showroom_site_project — helmet_store_showroom_site	Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/classes/Master.php?f=delete_product.	2022-12-14	7.2	CVE-2022-46127 MISC
hcltechsw — hcl_workload_automation	HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash.	2022-12-12	7.1	CVE-2022-38661 MISC
iconics — genesis64	Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user import a project package file crafted by the attacker.	2022-12-14	7.1	CVE-2022-40264 MISC MISC MISC MISC
trendmicro — apex_one	An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	2022-12-12	7.1	CVE-2022-45797 MISC
google — android	In TBD of TBD, there is a possible way to archive arbitrary code execution in kernel due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-254742984	2022-12-13	7	CVE-2021-39660 MISC
trendmicro — apex_one	A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.	2022-12-12	7	CVE-2022-44651 MISC MISC
microsoft — windows_server_2019	Windows Error Reporting Elevation of Privilege Vulnerability.	2022-12-13	7	CVE-2022-44669 MISC
microsoft — windows_10	Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability.	2022-12-13	7	CVE-2022-44673 MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
amazon — cloudwatch_agent	A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window opens with SYSTEM permissions. Users with administrative access to affected hosts may use this to create a new command prompt as NT AUTHORITYSYSTEM. To trigger this issue, the third party must be able to access the affected host and elevate their privileges such that they’re able to trigger the agent repair process. They must also be able to install the tools required to trigger the issue. This issue does not affect the CloudWatch Agent for macOS or Linux. Agent users should upgrade to version 1.247355 of the CloudWatch Agent to address this issue. There is no recommended work around. Affected users must update the installed version of the CloudWatch Agent to address this issue.	2022-12-12	6.8	CVE-2022-23511 MISC MISC
microsoft — outlook	Outlook for Android Elevation of Privilege Vulnerability.	2022-12-13	6.8	CVE-2022-24480 MISC
microsoft — windows_10	Windows Hyper-V Denial of Service Vulnerability.	2022-12-13	6.8	CVE-2022-44682 MISC
microsoft — edge_chromium	Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability.	2022-12-13	6.6	CVE-2022-41115 MISC
arcadyan — vrv9506jac23_firmware	The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative credentials to the router.	2022-12-14	6.5	CVE-2020-9420 MISC
google — android	In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-228450451	2022-12-13	6.5	CVE-2022-20468 MISC
cisco — ata_190_firmware	A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause a DoS condition of an affected device. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust available memory and cause the service to restart. Cisco has released firmware updates that address this vulnerability.	2022-12-12	6.5	CVE-2022-20691 MISC
typo3 — typo3	TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account – however, credentials must be known to the adversary. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.	2022-12-14	6.5	CVE-2022-23501 MISC
sick — rfu610-10600_firmware	Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.	2022-12-13	6.5	CVE-2022-27581 MISC
arubanetworks — sd-wan	An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series controllers. Successful exploitation can compromise the hardware chain of trust on the impacted controller.	2022-12-12	6.5	CVE-2022-37908 MISC
arubanetworks — sd-wan	A buffer overflow vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in a denial of service on the affected system.	2022-12-12	6.5	CVE-2022-37910 MISC
hpe — sf100_firmware	Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.	2022-12-12	6.5	CVE-2022-37928 MISC
secomea — sitemanager_1129_firmware	Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.	2022-12-13	6.5	CVE-2022-38124 MISC
canon — vitrea_view	Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter.	2022-12-09	6.5	CVE-2022-38765 MISC
car_dealer_project — car_dealer	The Car Dealer (Dealership) and Vehicle sales WordPress Plugin WordPress plugin before 3.05 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org	2022-12-12	6.5	CVE-2022-3879 MISC
antihacker_project — antihacker	The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan WordPress plugin before 4.20 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org	2022-12-12	6.5	CVE-2022-3880 MISC
wp-memory_project — wp-memory	The Memory Usage, Memory Limit, PHP and Server Memory Health Check and Fix Plugin WordPress plugin before 2.46 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org	2022-12-12	6.5	CVE-2022-3882 MISC
stopbadbots_project — stopbadbots	The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 7.24 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org	2022-12-12	6.5	CVE-2022-3883 MISC
wpwax — directorist	The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own.	2022-12-12	6.5	CVE-2022-3930 MISC
collne — welcart_e-commerce	The Welcart e-Commerce WordPress plugin before 2.8.4 does not have authorisation and CSRF in an AJAX action, allowing any logged-in user to create, update and delete shipping methods.	2022-12-12	6.5	CVE-2022-3946 MISC
booster — booster_for_woocommerce	The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.6, Booster Elite for WooCommerce WordPress plugin before 1.1.8 does not properly check for CSRF when creating and deleting Customer roles, allowing attackers to make logged admins create and delete arbitrary custom roles via CSRF attacks	2022-12-12	6.5	CVE-2022-4016 MISC
sap — disclosure_management	SAP Disclosure Management – version 10.1, allows an authenticated attacker to exploit certain misconfigured application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can lead to the exposure of data like financial reports.	2022-12-13	6.5	CVE-2022-41274 MISC MISC
adobe — campaign	Adobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.	2022-12-16	6.5	CVE-2022-42343 MISC
hcltech — sametime	Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.	2022-12-12	6.5	CVE-2022-42446 MISC
arcinformatique — pcvue	An insertion of sensitive information into log file vulnerability exists in PcVue versions 15 through 15.2.2. This could allow a user with access to the log files to discover connection strings of data sources configured for the DbConnect, which could include credentials. Successful exploitation of this vulnerability could allow other users unauthorized access to the underlying data sources.	2022-12-12	6.5	CVE-2022-4311 MISC
arubanetworks — edgeconnect_enterprise	An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	6.5	CVE-2022-43518 MISC
zend-blog-2_project — zend-blog-2	A vulnerability was found in morontt zend-blog-number-2. It has been classified as problematic. Affected is an unknown function of the file application/forms/Comment.php of the component Comment Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is 36b2d4abe20a6245e4f8df7a4b14e130b24d429d. It is recommended to apply a patch to fix this issue. VDB-215250 is the identifier assigned to this vulnerability.	2022-12-10	6.5	CVE-2022-4397 N/A N/A
arubanetworks — edgeconnect_enterprise	An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	6.5	CVE-2022-44532 MISC
microsoft — windows_server_2012	Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-41074.	2022-12-13	6.5	CVE-2022-44679 MISC
microsoft — windows_server_2012	Windows Kernel Denial of Service Vulnerability.	2022-12-13	6.5	CVE-2022-44707 MISC
aerocms_project — aerocms	AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).	2022-12-13	6.5	CVE-2022-46059 MISC
siemens — 6gk5622-2gs00-2ac2_firmware	A vulnerability has been identified in SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= 2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= 2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= 2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= 2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= 2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= 2.3 < V3.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.	2022-12-13	6.5	CVE-2022-46144 CONFIRM
jenkins — sonar_gerrit	A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers (previously configured by Jenkins administrators) using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins.	2022-12-12	6.5	CVE-2022-46688 MISC
sick — rfu620-10100_firmware	Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.	2022-12-13	6.5	CVE-2022-46832 MISC
sick — rfu630-04100_firmware	Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.	2022-12-13	6.5	CVE-2022-46833 MISC
sick — rfu650-10100_firmware	Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.	2022-12-13	6.5	CVE-2022-46834 MISC
fp_masterquiz_project — fp_masterquiz	An issue was discovered in the fp_masterquiz (aka Master-Quiz) extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. An attacker can continue the quiz of a different user. In doing so, the attacker can view that user’s answers and modify those answers.	2022-12-14	6.5	CVE-2022-47407 MISC
feehi — feehicms	Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.	2022-12-15	6.1	CVE-2020-20589 CONFIRM
feehi — feehicms	Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.	2022-12-15	6.1	CVE-2020-36607 CONFIRM
logrhythm — logrhythm	Logrhythm Web Console 7.4.9 allows for HTML tag injection through Contextualize Action -> Create a new Contextualize Action -> Inject your HTML tag in the name field.	2022-12-13	6.1	CVE-2021-41943 MISC
jquery-minicolors_project — jquery-minicolors	A vulnerability was found in claviska jquery-minicolors up to 2.3.5. It has been rated as problematic. Affected by this issue is some unknown functionality of the file jquery.minicolors.js. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.3.6 is able to address this issue. The name of the patch is ef134824a7f4110ada53ea6c173111a4fa2f48f3. It is recommended to upgrade the affected component. VDB-215306 is the identifier assigned to this vulnerability.	2022-12-12	6.1	CVE-2021-4243 MISC MISC MISC
yikesplugins — easy_forms_for_mailchimp	A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/add_field_to_form.php. The manipulation of the argument field_name/merge_tag/field_type/list_id leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 6.8.6 is able to address this issue. The name of the patch is 3662c6593aa1bb4286781214891d26de2e947695. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215307.	2022-12-12	6.1	CVE-2021-4244 MISC MISC MISC MISC
hp — integrated_lights-out_5_firmware	Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5.	2022-12-12	6.1	CVE-2021-46846 MISC
typo3 — html_sanitizer	HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. In versions prior to 1.5.0 or 2.1.1, malicious markup used in a sequence with special HTML CDATA sections cannot be filtered and sanitized due to a parsing issue in the upstream package masterminds/html5. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. The upstream package masterminds/html5 provides HTML raw text elements (`script`, `style`, `noframes`, `noembed` and `iframe`) as DOMText nodes, which were not processed and sanitized further. None of the mentioned elements were defined in the default builder configuration, that’s why only custom behaviors, using one of those tag names, were vulnerable to cross-site scripting. This issue has been fixed in versions 1.5.0 and 2.1.1.	2022-12-13	6.1	CVE-2022-23499 MISC
rails_html_sanitizer_project — rails_html_sanitizer	rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.	2022-12-14	6.1	CVE-2022-23518 MISC MISC MISC
rails_html_sanitizer_project — rails_html_sanitizer	rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer’s allowed tags in either of the following ways: allow both “math” and “style” elements, or allow both “svg” and “style” elements. Code is only impacted if allowed tags are being overridden. . This issue is fixed in version 1.4.4. All users overriding the allowed tags to include “math” or “svg” and “style” should either upgrade or use the following workaround immediately: Remove “style” from the overridden allowed tags, or remove “math” and “svg” from the overridden allowed tags.	2022-12-14	6.1	CVE-2022-23519 MISC MISC
rails_html_sanitizer_project — rails_html_sanitizer	rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer’s allowed tags to allow both “select” and “style” elements. Code is only impacted if allowed tags are being overridden. This issue is patched in version 1.4.4. All users overriding the allowed tags to include both “select” and “style” should either upgrade or use this workaround: Remove either “select” or “style” from the overridden allowed tags. NOTE: Code is _not_ impacted if allowed tags are overridden using either the :tags option to the Action View helper method sanitize or the :tags option to the instance method SafeListSanitizer#sanitize.	2022-12-14	6.1	CVE-2022-23520 MISC MISC
zmartzone — mod_auth_openidc	mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /t, leading to an open redirect. This issue has been patched in version 2.4.12.2. Users unable to upgrade can mitigate the issue by configuring mod_auth_openidc to only allow redirection when the destination matches a given regular expression with OIDCRedirectURLsAllowed.	2022-12-14	6.1	CVE-2022-23527 MISC MISC
weidmueller — 19_iot_md01_lan_h4_s0011_firmware	Quanos “SCHEMA ST4” example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser environment. The affected script is ‘*-schema.js’.	2022-12-14	6.1	CVE-2022-3073 MISC
ibm — cics_tx	IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229461.	2022-12-12	6.1	CVE-2022-34318 MISC MISC MISC
arubanetworks — edgeconnect_enterprise	A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	6.1	CVE-2022-37925 MISC
hpe — oneview_global_dashboard	URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).	2022-12-12	6.1	CVE-2022-37927 MISC
niceforyou — linear_emerge_e3_access_control_firmware	Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified vectors.	2022-12-13	6.1	CVE-2022-38628 MISC
helloprint — helloprint	The Helloprint WordPress plugin before 1.4.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting	2022-12-12	6.1	CVE-2022-3908 MISC
sap — netweaver_application_server_java	Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) – version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.	2022-12-12	6.1	CVE-2022-41262 MISC MISC
sap — commerce_webservices_2.0	Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) – versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to steal user tokens and achieve a full account takeover including access to administrative tools in SAP Commerce.	2022-12-13	6.1	CVE-2022-41266 MISC MISC
sap — sourcing	Due to improper input sanitization in SAP Sourcing and SAP Contract Lifecycle Management – version 1100, an attacker can redirect a user to a malicious website. In order to perform this attack, the attacker sends an email to the victim with a manipulated link that appears to be a legitimate SAP Sourcing URL, since the victim doesn’t suspect the threat, they click on the link, log in to SAP Sourcing and CLM and at this point, they get redirected to a malicious website.	2022-12-13	6.1	CVE-2022-41273 MISC MISC
sap — solution_manager	In SAP Solution Manager (Enterprise Search) – versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impact on confidentiality and integrity.	2022-12-13	6.1	CVE-2022-41275 MISC MISC
fs-blog_project — fs-blog	A vulnerability was found in zbl1996 FS-Blog and classified as problematic. This issue affects some unknown processing of the component Title Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-215267.	2022-12-11	6.1	CVE-2022-4400 MISC MISC
redmine — redmine	Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.	2022-12-12	6.1	CVE-2022-44031 MISC
phpmyfaq — phpmyfaq	Cross-site Scripting (XSS) – Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.	2022-12-11	6.1	CVE-2022-4407 CONFIRM MISC
nuxt — framework	Cross-site Scripting (XSS) – Reflected in GitHub repository nuxt/framework prior to v3.0.0-rc.13.	2022-12-12	6.1	CVE-2022-4413 MISC CONFIRM
nuxt — framework	Cross-site Scripting (XSS) – DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13.	2022-12-12	6.1	CVE-2022-4414 CONFIRM MISC
rathena — fluxcp	A vulnerability was found in rAthena FluxCP. It has been classified as problematic. Affected is an unknown function of the file themes/default/servicedesk/view.php of the component Service Desk Image URL Handler. The manipulation of the argument sslink leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 8a39b2b2bf28353b3503ff1421862393db15aa7e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215304.	2022-12-12	6.1	CVE-2022-4421 MISC MISC
resque-scheduler_project — resque-scheduler	Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting (XSS). A remote attacker could inject javascript code to the “{schedule_job}” or “args” parameter in /resque/delayed/jobs/{schedule_job}?args={args_id} to execute javascript at client side.	2022-12-13	6.1	CVE-2022-44303 MISC MISC
ipti — tag	A vulnerability was found in ipti br.tag. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 2.13.0 is able to address this issue. The name of the patch is 7e311be22d3a0a1b53e61cb987ba13d681d85f06. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215431.	2022-12-13	6.1	CVE-2022-4444 MISC MISC MISC
siemens — plm_help_server	A vulnerability has been identified in PLM Help Server V4.2 (All versions). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link.	2022-12-13	6.1	CVE-2022-44575 CONFIRM
redmine — redmine	Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user.	2022-12-12	6.1	CVE-2022-44637 MISC
collective.dms.basecontent_project — collective.dms.basecontent	A vulnerability, which was classified as problematic, has been found in collective.dms.basecontent 1.7. This issue affects the function renderCell of the file src/collective/dms/basecontent/browser/column.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.10 is able to address this issue. The name of the patch is 6c4d616fcc771822a14ebae5e23f3f6d96d134bd. It is recommended to upgrade the affected component. The identifier VDB-215813 was assigned to this vulnerability.	2022-12-14	6.1	CVE-2022-4495 N/A N/A N/A
open-emr — openemr	Cross-site Scripting (XSS) – Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.	2022-12-15	6.1	CVE-2022-4502 MISC CONFIRM
arris — nvg443b_firmware	A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.	2022-12-13	6.1	CVE-2022-45028 MISC MISC
open-emr — openemr	Cross-site Scripting (XSS) – Generic in GitHub repository openemr/openemr prior to 7.0.0.2.	2022-12-15	6.1	CVE-2022-4503 MISC CONFIRM
sens_project — sens	SENS v1.0 is vulnerable to Cross Site Scripting (XSS).	2022-12-12	6.1	CVE-2022-45756 MISC
aerocms_project — aerocms	AeroCMS v0.0.1 is vulnerable to ClickJacking.	2022-12-13	6.1	CVE-2022-46061 MISC
helmet_store_showroom_project — helmet_store_showroom	Helmet Store Showroom 1.0 is vulnerable to Cross Site Scripting (XSS).	2022-12-14	6.1	CVE-2022-46073 MISC
siemens — polarion_alm	A vulnerability has been identified in Polarion ALM (All versions). The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites.	2022-12-13	6.1	CVE-2022-46265 CONFIRM
siemens — 6gk5204-0ba00-2mb2_firmware	A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.	2022-12-13	6.1	CVE-2022-46350 CONFIRM
niceforyou — linear_emerge_e3_access_control_firmware	Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.	2022-12-13	6.1	CVE-2022-46381 MISC
jenkins — google_login	Jenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins.	2022-12-12	6.1	CVE-2022-46683 MISC
websoft — websoft_hcm	Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user’s browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.	2022-12-12	6.1	CVE-2022-46905 MISC
sap — business_objects_business_intelligence_platform	Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform (Monitoring DB) – version 430, can access BOE Monitoring database to retrieve and modify (non-personal) system data which would otherwise be restricted. Also, a potential attack could be used to leave the CMS’s scope and impact the database. A successful attack could have a low impact on confidentiality, a high impact on integrity, and a low impact on availability.	2022-12-12	6	CVE-2022-31596 MISC MISC
wordpress — wordpress	WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.	2022-12-14	5.9	CVE-2022-3590 MISC MISC
wptools_project — wptools	The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org	2022-12-12	5.7	CVE-2022-3881 MISC
google — android	In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-169762606	2022-12-13	5.5	CVE-2021-0934 MISC
google — android	In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user’s password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-179725730	2022-12-13	5.5	CVE-2022-20466 MISC
google — android	In SendIncDecRestoreCmdPart2 of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-238177877	2022-12-13	5.5	CVE-2022-20471 MISC
google — android	In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-240936919	2022-12-13	5.5	CVE-2022-20476 MISC
google — android	In createNotificationChannel of NotificationManager.java, there is a possible way to make the device unusable and require factory reset due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-240422263	2022-12-13	5.5	CVE-2022-20482 MISC
google — android	In setDataSource of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-245242273	2022-12-13	5.5	CVE-2022-20496 MISC
google — android	In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246540168	2022-12-13	5.5	CVE-2022-20500 MISC
google — android	In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222166527	2022-12-13	5.5	CVE-2022-20502 MISC
linux-loader_project — linux-loader	In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the `linux-loader` crate entering an infinite loop if the ELF header of the kernel they are loading was modified in a malicious manner. This issue has been addressed in 0.8.1. The issue can be mitigated by ensuring that only trusted kernel images are loaded or by verifying that the headers do not point beyond the end of the file.	2022-12-13	5.5	CVE-2022-23523 MISC MISC
qualcomm — aqt1000_firmware	Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile	2022-12-13	5.5	CVE-2022-25675 CONFIRM
westerndigital — my_cloud_os	Insufficiently Protected Credentials vulnerability in the remote backups application on Western Digital My Cloud devices that could allow an attacker who has gained access to a relevant endpoint to use that information to access protected data. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.	2022-12-09	5.5	CVE-2022-29839 MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.	2022-12-14	5.5	CVE-2022-3104 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().	2022-12-14	5.5	CVE-2022-3105 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().	2022-12-14	5.5	CVE-2022-3106 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.	2022-12-14	5.5	CVE-2022-3107 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().	2022-12-14	5.5	CVE-2022-3108 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference.	2022-12-14	5.5	CVE-2022-3110 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().	2022-12-14	5.5	CVE-2022-3111 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.	2022-12-14	5.5	CVE-2022-3112 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.	2022-12-14	5.5	CVE-2022-3113 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.	2022-12-14	5.5	CVE-2022-3114 MISC MISC
linux — linux_kernel	An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.	2022-12-14	5.5	CVE-2022-3115 MISC MISC
vmware — vcenter_server	The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation.	2022-12-13	5.5	CVE-2022-31697 MISC
arubanetworks — sd-wan	Due to improper restrictions on XML entities multiple vulnerabilities exist in the command line interface of ArubaOS. A successful exploit could allow an authenticated attacker to retrieve files from the local system or cause the application to consume system resources, resulting in a denial of service condition.	2022-12-12	5.5	CVE-2022-37911 MISC
hpe — sf100_firmware	Improper Privilege Management vulnerability in Hewlett Packard Enterprise Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.	2022-12-12	5.5	CVE-2022-37929 MISC
hpe — sf100_firmware	A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays and HPE Nimble Storage Secondary Flash Arrays which could potentially allow local disclosure of sensitive information.	2022-12-12	5.5	CVE-2022-37930 MISC
daikinlatam — svmpc2	Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to attackers with access to the local area network (LAN) to disclose sensitive information stored by the affected product without requiring authentication.	2022-12-13	5.5	CVE-2022-38355 MISC
microsoft — windows_server_2008	Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-44679.	2022-12-13	5.5	CVE-2022-41074 MISC
sap — solution_manager	SAP Solution Manager (Diagnostic Agent) – version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attacker access files and systems for which he/she is not authorized.	2022-12-12	5.5	CVE-2022-41261 MISC MISC
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.	2022-12-13	5.5	CVE-2022-41278 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.	2022-12-13	5.5	CVE-2022-41279 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.	2022-12-13	5.5	CVE-2022-41280 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains divide by zero vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition.	2022-12-13	5.5	CVE-2022-41287 CONFIRM
siemens — teamcenter_visualization	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains stack exhaustion vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition.	2022-12-13	5.5	CVE-2022-41288 CONFIRM
arcinformatique — pcvue	A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the email and short messaging service (SMS) accounts configuration files to discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code. Successful exploitation of this vulnerability could allow an unauthorized user access to the underlying email account and SIM card.	2022-12-12	5.5	CVE-2022-4312 MISC
adobe — illustrator	Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-12-16	5.5	CVE-2022-44498 MISC
adobe — illustrator	Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-12-16	5.5	CVE-2022-44499 MISC
adobe — illustrator	Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-12-16	5.5	CVE-2022-44500 MISC
adobe — illustrator	Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-12-16	5.5	CVE-2022-44502 MISC
trendmicro — apex_one	An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not the same as CVE-2022-44648.	2022-12-12	5.5	CVE-2022-44647 MISC MISC
trendmicro — apex_one	An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not the same as CVE-2022-44647.	2022-12-12	5.5	CVE-2022-44648 MISC MISC
microsoft — windows_10	Windows Bluetooth Driver Information Disclosure Vulnerability.	2022-12-13	5.5	CVE-2022-44674 MISC
azure — network_watcher_agent	Azure Network Watcher Agent Security Feature Bypass Vulnerability.	2022-12-13	5.5	CVE-2022-44699 MISC
wasm3_project — wasm3	wasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h.	2022-12-13	5.5	CVE-2022-44874 MISC
siemens — 6gk5204-0ba00-2mb2_firmware	A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2).	2022-12-13	5.5	CVE-2022-46351 CONFIRM
arcadyan — vrv9506jac23_firmware	Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domain_name parameters present in the LAN configuration section of the administrative dashboard.	2022-12-14	5.4	CVE-2020-9419 MISC
feehi — feehicms	File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload.	2022-12-15	5.4	CVE-2021-36573 MISC
ibm — api_connect	IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213212.	2022-12-12	5.4	CVE-2021-38997 MISC MISC
typo3 — typo3	TYPO3 is an open source PHP based web content management system. In versions prior to 10.4.33, 11.5.20, and 12.1.1, When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This applied to both frontend user sessions and backend user sessions. This issue is patched in versions 10.4.33, 11.5.20, 12.1.1.	2022-12-14	5.4	CVE-2022-23502 MISC
symantec — messaging_gateway	An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column)	2022-12-09	5.4	CVE-2022-25629 MISC
symantec — messaging_gateway	An authenticated user can embed malicious content with XSS into the admin group policy page.	2022-12-09	5.4	CVE-2022-25630 MISC
yiiframework — gii	Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field.	2022-12-09	5.4	CVE-2022-34297 MISC
arubanetworks — edgeconnect_enterprise	A vulnerability within the web-based management interface of EdgeConnect Enterprise could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface by uploading a specially crafted file. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.	2022-12-12	5.4	CVE-2022-37926 MISC
supra-csv-parser_project — supra-csv-parser	Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application.	2022-12-12	5.4	CVE-2022-3853 MISC
g5theme — essential_real_estate	The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.	2022-12-12	5.4	CVE-2022-3933 MISC
mehanoid — flat_pm	The Flat PM WordPress plugin through 2.661 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.	2022-12-12	5.4	CVE-2022-3934 MISC
collne — welcart_e-commerce	The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks	2022-12-12	5.4	CVE-2022-3935 MISC
donation_button_project — donation_button	The Donation Button WordPress plugin through 4.0.0 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.	2022-12-12	5.4	CVE-2022-4005 MISC
ibm — cloud_transformation_advisor	IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 237214.	2022-12-09	5.4	CVE-2022-41299 MISC MISC
tibco — jasperreports_server	The Dashboard component of TIBCO Software Inc.’s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server – Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure, and TIBCO JasperReports Server for Microsoft Azure contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO JasperReports Server: versions 8.0.2 and below, TIBCO JasperReports Server: version 8.1.0, TIBCO JasperReports Server – Developer Edition: versions 8.1.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.2 and below, TIBCO JasperReports Server for AWS Marketplace: version 8.1.0, TIBCO JasperReports Server for Microsoft Azure: versions 8.0.2 and below, and TIBCO JasperReports Server for Microsoft Azure: version 8.1.0.	2022-12-13	5.4	CVE-2022-41563 CONFIRM CONFIRM
oxilab — image_hover_effects_ultimate	The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, the plugin only allows administrators access to edit Image Hovers, however, if a site admin makes the plugin’s features available to lower privileged users through the ‘Who Can Edit?’ setting then this can be exploited by those users.	2022-12-13	5.4	CVE-2022-4207 MISC MISC MISC
deltaww — dx-2100-l1-cn_firmware	Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Cross Site Scripting (XSS) via lform/urlfilter.	2022-12-14	5.4	CVE-2022-42141 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-42360 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-42367 MISC
bt — baota	In BAOTA linux panel there exists a stored xss vulnerability attackers can use to obtain sensitive information via the log analysis feature.	2022-12-09	5.4	CVE-2022-4336 MISC
s-cms — s-cms	A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215197 was assigned to this vulnerability.	2022-12-09	5.4	CVE-2022-4377 N/A N/A
pyrdfa3_project — pyrdfa3	UNSUPPORTED WHEN ASSIGNED A vulnerability was found in RDFlib pyrdfa3 and classified as problematic. This issue affects the function _get_option of the file pyRdfa/__init__.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e. It is recommended to apply a patch to fix this issue. The identifier VDB-215249 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	2022-12-10	5.4	CVE-2022-4396 N/A N/A N/A
csaf_provider_project — csaf_provider	The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. The endpoint upload allows valid CSAF advisories (JSON format) to be uploaded with Content-Type text/html and filenames ending in .html. When subsequently accessed via web browser, these advisories are served and interpreted as HTML pages. Such uploaded advisories can contain JavaScript code that will execute within the browser context of users inspecting the advisory.	2022-12-13	5.4	CVE-2022-43996 MISC
pallidlight_online_course_selection_system_project — pallidlight_online_course_selection_system	A vulnerability was found in pallidlight online-course-selection-system. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-215268.	2022-12-11	5.4	CVE-2022-4401 MISC MISC
phpmyfaq — phpmyfaq	Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.9.	2022-12-11	5.4	CVE-2022-4408 CONFIRM MISC
permalink_manager_lite_project — permalink_manager_lite	The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. This makes it possible for attackers to inject arbitrary web scripts on the permalink-manager page if another plugin or theme is installed on the site that allows lower privileged users with unfiltered_html the ability to modify post/page titles with malicious web scripts.	2022-12-14	5.4	CVE-2022-4410 MISC MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-44462 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-44468 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-44469 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	5.4	CVE-2022-44473 MISC
microsoft — windows_10	Windows SmartScreen Security Feature Bypass Vulnerability.	2022-12-13	5.4	CVE-2022-44698 MISC
siemens — simatic_wincc_oa	A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). The affected component allows to inject custom arguments to the Ultralight Client backend application under certain circumstances. This could allow an authenticated remote attacker to inject arbitrary parameters when starting the client via the web interface (e.g., open attacker chosen panels with the attacker’s credentials or start a Ctrl script).	2022-12-13	5.4	CVE-2022-44731 CONFIRM
sens_project — sens	SENS v1.0 is vulnerable to Cross Site Scripting (XSS) via com.liuyanzhao.sens.web.controller.admin, getRegister.	2022-12-12	5.4	CVE-2022-45758 MISC
alist_project — alist	Alist v3.5.1 is vulnerable to Cross Site Scripting (XSS) via the bulletin board.	2022-12-12	5.4	CVE-2022-45970 MISC
jenkins — checkmarx	Jenkins Checkmarx Plugin 2022.3.3 and earlier does not escape values returned from the Checkmarx service API before inserting them into HTML reports, resulting in a stored cross-site scripting (XSS) vulnerability.	2022-12-12	5.4	CVE-2022-46684 MISC
jenkins — custom_build_properties	Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set or change these values.	2022-12-12	5.4	CVE-2022-46686 MISC
jenkins — spring_config	Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to change build display names.	2022-12-12	5.4	CVE-2022-46687 MISC
websoft — websoft_hcm	Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user’s browser, including scripts in the JavaScript programming language, which leads to Stored XSS.	2022-12-12	5.4	CVE-2022-46903 MISC
websoft — websoft_hcm	Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user’s browser, including scripts in the JavaScript programming language, which leads to Self-XSS.	2022-12-12	5.4	CVE-2022-46904 MISC
websoft — websoft_hcm	Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user’s browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.	2022-12-12	5.4	CVE-2022-46906 MISC
cisco — ata_190_firmware	Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. An attacker could exploit these vulnerabilities by sending a malicious LLDP packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause LLDP to restart unexpectedly, resulting in a denial of service (DoS) condition.	2022-12-12	5.3	CVE-2022-20686 MISC
cisco — ata_190_firmware	Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. An attacker could exploit these vulnerabilities by sending a malicious LLDP packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause LLDP to restart unexpectedly, resulting in a denial of service (DoS) condition.	2022-12-12	5.3	CVE-2022-20687 MISC
cisco — ata_190_firmware	A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause Cisco Discovery Protocol to restart unexpectedly, resulting in a DoS condition.	2022-12-12	5.3	CVE-2022-20688 MISC
vmware — vcenter_server	The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.	2022-12-13	5.3	CVE-2022-31698 MISC
arubanetworks — sd-wan	Aruba has identified certain configurations of ArubaOS that can lead to sensitive information disclosure from the configured ESSIDs. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attackers.	2022-12-12	5.3	CVE-2022-37909 MISC
updraftplus — all-in-one_security	The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features (like IP blocks, rate limiting, brute force protection, and more).	2022-12-12	5.3	CVE-2022-4097 MISC
funkwhale — funkwhale	User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.	2022-12-09	5.3	CVE-2022-45292 MISC
boa — boa	Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.	2022-12-12	5.3	CVE-2022-45956 MISC
siemens — 6gk5204-0ba00-2mb2_firmware	A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.	2022-12-13	5.3	CVE-2022-46354 CONFIRM
ibm — power_system_ac922_(8335-gtg)_firmware	IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337.	2022-12-12	4.9	CVE-2022-22488 MISC MISC
typo3 — typo3	TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messages of other website visitors. A valid backend user account having administrator privileges is needed to exploit this vulnerability. This issue has been patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.	2022-12-14	4.9	CVE-2022-23504 MISC
broadcom — brocade_sannav	Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.	2022-12-09	4.9	CVE-2022-33187 MISC
hcltechsw — hcl_launch	HCL Launch could allow a user with administrative privileges, including “Manage Security” permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches.	2022-12-12	4.9	CVE-2022-42445 MISC
aerocms_project — aerocms	AeroCMS v0.0.1 is vulnerable to SQL Injection via the delete parameter.	2022-12-13	4.9	CVE-2022-46047 MISC
medtronic — guardian_link_2_transmitter_mmt-7730_firmware	A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance	2022-12-12	4.8	CVE-2022-32537 MISC MISC
getyourguide_ticketing_project — getyourguide_ticketing	The GetYourGuide Ticketing WordPress plugin before 1.0.4 does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)	2022-12-12	4.8	CVE-2022-3609 MISC
livemeshelementor — addons_for_elementor	The Livemesh Addons for Elementor WordPress plugin before 7.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-12	4.8	CVE-2022-3862 MISC
whitestudio — easy_form_builder	The Easy Form Builder WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-12	4.8	CVE-2022-3906 MISC
automattic — jetpack_crm	The Jetpack CRM WordPress plugin before 5.4.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	2022-12-12	4.8	CVE-2022-3919 MISC
dpdgroup — woocommerce_shipping	The WooCommerce Shipping WordPress plugin through 1.2.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-12	4.8	CVE-2022-4000 MISC
webdevocean — image_hover_effects	The Image Hover Effects WordPress plugin through 5.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-12	4.8	CVE-2022-4010 MISC
zkteco — automatic_data_master_server	ZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable to Cross Site Scripting (XSS).	2022-12-09	4.8	CVE-2022-44213 MISC
aerocms_project — aerocms	AeroCMS v0.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field.	2022-12-13	4.8	CVE-2022-46058 MISC
google — android	In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs above the lockscreen, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-246301979	2022-12-13	4.6	CVE-2022-20497 MISC
westerndigital — my_cloud_os	Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western Digital My Cloud devices allows insecure direct access to the drive information in the case of a device reset. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.	2022-12-09	4.6	CVE-2022-29838 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	4.6	CVE-2022-35694 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	4.6	CVE-2022-35696 MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-12-16	4.6	CVE-2022-42366 MISC
gym_management_system_project — gym_management_system	Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).	2022-12-13	4.5	CVE-2022-46062 MISC
google — android	In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239701237	2022-12-13	4.4	CVE-2022-20449 MISC
google — android	In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246465319	2022-12-13	4.4	CVE-2022-20498 MISC
enalean — tuleap	Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.148, Authorizations are not properly verified when accessing MediaWiki standalone resources. Users with read only permissions for pages are able to also edit them. This only affects the MediaWiki standalone plugin. This issue is patched in versions Tuleap Community Edition 14.2.99.148, Tuleap Enterprise Edition 14.2-5, and Tuleap Enterprise Edition 14.1-6.	2022-12-13	4.3	CVE-2022-23473 MISC MISC MISC
donation_button_project — donation_button	The Donation Button WordPress plugin through 4.0.0 does not properly check for privileges and nonce tokens in its “donation_button_twilio_send_test_sms” AJAX action, which may allow any users with an account on the affected site, like subscribers, to use the plugin’s Twilio integration to send SMSes to arbitrary phone numbers.	2022-12-12	4.3	CVE-2022-4004 MISC
sap — business_objects_business_intelligence_platform	Due to a missing authentication check, SAP Business Objects Business Intelligence Platform (Web Intelligence) – versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the attacker can modify information causing a limited impact on the integrity of the application.	2022-12-12	4.3	CVE-2022-41263 MISC MISC
adobe — experience_manager	Adobe Experience Manager version 6.5.14 (and earlier) is affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to disclose low level confidentiality information. Exploitation of this issue does not require user interaction.	2022-12-16	4.3	CVE-2022-42351 MISC
m-files — m-files	Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low privilege user to change some configuration.	2022-12-09	4.3	CVE-2022-4264 MISC
microsoft — edge_chromium	Microsoft Edge (Chromium-based) Spoofing Vulnerability.	2022-12-13	4.3	CVE-2022-44688 MISC
open-emr — openemr	Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.	2022-12-15	4.3	CVE-2022-4505 CONFIRM MISC
enalean — tuleap	Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.104, project level authorizations are not properly verified when accessing the project “homepage”/dashboards. Users not authorized to access a project may still be able to get some information provided by the widgets (e.g. number of members, content of the Notes widget…). This issue has been patched in Tuleap Community Edition 14.2.99.104, Tuleap Enterprise Edition 14.2-4, and Tuleap Enterprise Edition 14.1-5.	2022-12-13	4.3	CVE-2022-46160 MISC MISC MISC
gitea — gitea	In Jenkins Gitea Plugin 1.4.4 and earlier, the implementation of Gitea personal access tokens did not support credentials masking, potentially exposing them through the build log.	2022-12-12	4.3	CVE-2022-46685 MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
sentry — sentry	Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result an attacker with a valid invite link can create multiple users and join an organization they may not have been originally invited to. This issue was patched in version 22.11.0. Sentry SaaS customers do not need to take action. Self-hosted Sentry installs on systems which can not upgrade can disable the invite functionality until they are ready to deploy the patched version by editing their `sentry.conf.py` file (usually located at `~/.sentry/`).	2022-12-10	3.7	CVE-2022-23485 MISC
dragino — lg01_lora_firmware	Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page.	2022-12-12	3.5	CVE-2022-45228 MISC
vmware — esxi	VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.	2022-12-13	3.3	CVE-2022-31699 MISC
google — android	In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-231496105	2022-12-13	2.3	CVE-2022-20240 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
pacparser — pacparser	A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. The manipulation of the argument url leads to buffer overflow. Attacking locally is a requirement. Upgrading to version 1.4.0 is able to address this issue. The name of the patch is 853e8f45607cb07b877ffd270c63dbcdd5201ad9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215443.	2022-12-13	not yet calculated	CVE-2019-25078 MISC MISC MISC MISC
zhimengzhe — ibarn	File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.	2022-12-15	not yet calculated	CVE-2020-20588 MISC
netgate — multiple_products	Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.	2022-12-15	not yet calculated	CVE-2020-21219 MISC MISC
easywebpack-cli — easywebpack-cli	Directory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via crafted GET request.	2022-12-15	not yet calculated	CVE-2020-24855 MISC
ibm — spectrum_protect_plus	IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques. IBM X-Force ID: 182106.	2022-12-14	not yet calculated	CVE-2020-4497 MISC MISC
apache — zeppelin	The improper Input Validation vulnerability in “”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.	2022-12-16	not yet calculated	CVE-2021-28655 MISC
sourcecodester — online_grading_system	A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter.	2022-12-16	not yet calculated	CVE-2021-31650 MISC
inikulin — replicator	A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.	2022-12-15	not yet calculated	CVE-2021-33420 MISC MISC MISC MISC
hp — omen_gaming_hub_sdk	Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which may allow escalation of privilege and/or denial of service. HP is releasing software updates to mitigate the potential vulnerabilities.	2022-12-12	not yet calculated	CVE-2021-3437 MISC
solarwinds — serv-u_ftp_server	Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.	2022-12-16	not yet calculated	CVE-2021-35252 MISC MISC MISC
feehi_cms — feehi_cms	Cross Site Scripting (XSS) vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via the user name field of the login page.	2022-12-15	not yet calculated	CVE-2021-36572 MISC
hp — workstation_bios	A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. HP is releasing firmware mitigations for the potential vulnerability.	2022-12-12	not yet calculated	CVE-2021-3661 MISC
ruoyi — ruoyi	Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework.	2022-12-16	not yet calculated	CVE-2021-38241 MISC
hp — multiple_products	A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command Center which may allow escalation of privilege and/or denial of service. HP has released software updates to mitigate the potential vulnerability.	2022-12-12	not yet calculated	CVE-2021-3919 MISC
hp — multiple_products	Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.	2022-12-12	not yet calculated	CVE-2021-3942 MISC
seacms — seacms	An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set.	2022-12-15	not yet calculated	CVE-2021-39426 MISC
188jianzhan — 188jianzhan	Cross site scripting vulnerability in 188Jianzhan 2.10 allows attackers to execute arbitrary code via the username parameter to /admin/reg.php.	2022-12-15	not yet calculated	CVE-2021-39427 MISC
eyoucms — eyoucms	Cross Site Scripting (XSS) vulnerability in Users.php in eyoucms 1.5.4 allows remote attackers to run arbitrary code and gain escalated privilege via the filename for edit_users_head_pic.	2022-12-15	not yet calculated	CVE-2021-39428 MISC
rsfirewall — rsfirewall	RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented.	2022-12-15	not yet calculated	CVE-2021-4226 MISC
chbrown — rfc6902	A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). The exploit has been disclosed to the public and may be used. The name of the patch is c006ce9faa43d31edb34924f1df7b79c137096cf. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215883.	2022-12-15	not yet calculated	CVE-2021-4245 N/A N/A N/A
roxlukas — lmeve	A vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument X-Forwarded-For leads to sql injection. The attack may be launched remotely. The name of the patch is 29e1ead3bb1c1fad53b77dfc14534496421c5b5d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216176.	2022-12-17	not yet calculated	CVE-2021-4246 N/A N/A
hp — jumpstart	A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software.	2022-12-12	not yet calculated	CVE-2022-1038 MISC
google — android	In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199291025	2022-12-16	not yet calculated	CVE-2022-20199 MISC
google — android	In onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224772890	2022-12-16	not yet calculated	CVE-2022-20503 MISC
google — android	In multiple locations of DreamManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and dismissal of system dialogs with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-225878553	2022-12-16	not yet calculated	CVE-2022-20504 MISC
google — android	In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitationProduct: AndroidVersions: Android-13Android ID: A-225981754	2022-12-16	not yet calculated	CVE-2022-20505 MISC
google — android	In onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to local escalation of privilege from a guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226133034	2022-12-16	not yet calculated	CVE-2022-20506 MISC
google — android	In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246649179	2022-12-16	not yet calculated	CVE-2022-20507 MISC
google — android	In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218679614	2022-12-16	not yet calculated	CVE-2022-20508 MISC
google — android	In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244713317	2022-12-16	not yet calculated	CVE-2022-20509 MISC
google — android	In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235822336	2022-12-16	not yet calculated	CVE-2022-20510 MISC
google — android	In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235821829	2022-12-16	not yet calculated	CVE-2022-20511 MISC
google — android	In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238602879	2022-12-16	not yet calculated	CVE-2022-20512 MISC
google — android	In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244569759	2022-12-16	not yet calculated	CVE-2022-20513 MISC
google — android	In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245727875	2022-12-16	not yet calculated	CVE-2022-20514 MISC
google — android	In onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve protected files from the Settings app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220733496	2022-12-16	not yet calculated	CVE-2022-20515 MISC
google — android	In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224002331	2022-12-16	not yet calculated	CVE-2022-20516 MISC
google — android	In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224769956	2022-12-16	not yet calculated	CVE-2022-20517 MISC
google — android	In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770203	2022-12-16	not yet calculated	CVE-2022-20518 MISC
google — android	In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224772678	2022-12-16	not yet calculated	CVE-2022-20519 MISC
google — android	In onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to local escalation of privilege or denial of server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203202	2022-12-16	not yet calculated	CVE-2022-20520 MISC
google — android	In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203684	2022-12-16	not yet calculated	CVE-2022-20521 MISC
google — android	In getSlice of ProviderModelSlice.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227470877	2022-12-16	not yet calculated	CVE-2022-20522 MISC
google — android	In IncFs_GetFilledRangesStartingFrom of incfs.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-228222508	2022-12-16	not yet calculated	CVE-2022-20523 MISC
google — android	In compose of Vibrator.cpp, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-228523213	2022-12-16	not yet calculated	CVE-2022-20524 MISC
google — android	In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229742768	2022-12-16	not yet calculated	CVE-2022-20525 MISC
google — android	In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229742774	2022-12-16	not yet calculated	CVE-2022-20526 MISC
google — android	In HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC firmware with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229994861	2022-12-16	not yet calculated	CVE-2022-20527 MISC
google — android	In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230172711	2022-12-16	not yet calculated	CVE-2022-20528 MISC
google — android	In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231583603	2022-12-16	not yet calculated	CVE-2022-20529 MISC
google — android	In strings.xml, there is a possible permission bypass due to a misleading string. This could lead to remote information disclosure of call logs with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231585645	2022-12-16	not yet calculated	CVE-2022-20530 MISC
google — android	In placeCall of TelecomManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231988638	2022-12-16	not yet calculated	CVE-2022-20531 MISC
google — android	In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-232798363	2022-12-16	not yet calculated	CVE-2022-20533 MISC
google — android	In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233605242	2022-12-16	not yet calculated	CVE-2022-20535 MISC
google — android	In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235100180	2022-12-16	not yet calculated	CVE-2022-20536 MISC
google — android	In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235601169	2022-12-16	not yet calculated	CVE-2022-20537 MISC
google — android	In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235601770	2022-12-16	not yet calculated	CVE-2022-20538 MISC
google — android	In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291425	2022-12-16	not yet calculated	CVE-2022-20539 MISC
google — android	In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291506	2022-12-16	not yet calculated	CVE-2022-20540 MISC
google — android	In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238083126	2022-12-16	not yet calculated	CVE-2022-20541 MISC
google — android	In multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238178261	2022-12-16	not yet calculated	CVE-2022-20543 MISC
google — android	In onOptionsItemSelected of ManageApplications.java, there is a possible bypass of profile owner restrictions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238745070	2022-12-16	not yet calculated	CVE-2022-20544 MISC
google — android	In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-239368697	2022-12-16	not yet calculated	CVE-2022-20545 MISC
google — android	In getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240266798	2022-12-16	not yet calculated	CVE-2022-20546 MISC
google — android	In multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240301753	2022-12-16	not yet calculated	CVE-2022-20547 MISC
google — android	In setParameter of EqualizerEffect.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240919398	2022-12-16	not yet calculated	CVE-2022-20548 MISC
google — android	In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242702451	2022-12-16	not yet calculated	CVE-2022-20549 MISC
google — android	In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242845514	2022-12-16	not yet calculated	CVE-2022-20550 MISC
google — android	In btif_a2dp_sink_command_ready of btif_a2dp_sink.cc, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-243922806	2022-12-16	not yet calculated	CVE-2022-20552 MISC
google — android	In onCreate of LogAccessDialogActivity.java, there is a possible way to bypass a permission check due to a tapjacking/overlay attack. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244155265	2022-12-16	not yet calculated	CVE-2022-20553 MISC
google — android	In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245770596	2022-12-16	not yet calculated	CVE-2022-20554 MISC
google — android	In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246194233	2022-12-16	not yet calculated	CVE-2022-20555 MISC
google — android	In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246301667	2022-12-16	not yet calculated	CVE-2022-20556 MISC
google — android	In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-247092734	2022-12-16	not yet calculated	CVE-2022-20557 MISC
google — android	In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236264289	2022-12-16	not yet calculated	CVE-2022-20558 MISC
google — android	In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-219739967	2022-12-16	not yet calculated	CVE-2022-20559 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-212623833References: N/A	2022-12-16	not yet calculated	CVE-2022-20560 MISC
google — android	In TBD of aud_hal_tunnel.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222162870References: N/A	2022-12-16	not yet calculated	CVE-2022-20561 MISC
google — android	In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231630423References: N/A	2022-12-16	not yet calculated	CVE-2022-20562 MISC
google — android	In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242067561References: N/A	2022-12-16	not yet calculated	CVE-2022-20563 MISC
google — android	In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243798789References: N/A	2022-12-16	not yet calculated	CVE-2022-20564 MISC
google — android	In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel	2022-12-16	not yet calculated	CVE-2022-20566 MISC
google — android	In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel	2022-12-16	not yet calculated	CVE-2022-20567 MISC
google — android	In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220738351References: Upstream kernel	2022-12-16	not yet calculated	CVE-2022-20568 MISC
google — android	In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-229258234References: N/A	2022-12-16	not yet calculated	CVE-2022-20569 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-230660904References: N/A	2022-12-16	not yet calculated	CVE-2022-20570 MISC
google — android	In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234030265References: Upstream kernel	2022-12-16	not yet calculated	CVE-2022-20571 MISC
google — android	In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel	2022-12-16	not yet calculated	CVE-2022-20572 MISC
google — android	In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237582191References: N/A	2022-12-16	not yet calculated	CVE-2022-20574 MISC
google — android	In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237585040References: N/A	2022-12-16	not yet calculated	CVE-2022-20575 MISC
google — android	In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239701761References: N/A	2022-12-16	not yet calculated	CVE-2022-20576 MISC
google — android	In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762281References: N/A	2022-12-16	not yet calculated	CVE-2022-20577 MISC
google — android	In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509749References: N/A	2022-12-16	not yet calculated	CVE-2022-20578 MISC
google — android	In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243510139References: N/A	2022-12-16	not yet calculated	CVE-2022-20579 MISC
google — android	In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243629453References: N/A	2022-12-16	not yet calculated	CVE-2022-20580 MISC
google — android	In the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-245916120References: N/A	2022-12-16	not yet calculated	CVE-2022-20581 MISC
google — android	In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233645166References: N/A	2022-12-16	not yet calculated	CVE-2022-20582 MISC
google — android	In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in S-EL1 with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234859169References: N/A	2022-12-16	not yet calculated	CVE-2022-20583 MISC
google — android	In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238366009References: N/A	2022-12-16	not yet calculated	CVE-2022-20584 MISC
google — android	In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238716781References: N/A	2022-12-16	not yet calculated	CVE-2022-20585 MISC
google — android	In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238718854References: N/A	2022-12-16	not yet calculated	CVE-2022-20586 MISC
google — android	In ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238720411References: N/A	2022-12-16	not yet calculated	CVE-2022-20587 MISC
google — android	In sysmmu_map of sysmmu.c, there is a possible EoP due to a precondition check failure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238785915References: N/A	2022-12-16	not yet calculated	CVE-2022-20588 MISC
google — android	In valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238841928References: N/A	2022-12-16	not yet calculated	CVE-2022-20589 MISC
google — android	In valid_va_sec_mfc_check of drm_access_control.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238932493References: N/A	2022-12-16	not yet calculated	CVE-2022-20590 MISC
google — android	In ppmpu_set of ppmpu.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238939706References: N/A	2022-12-16	not yet calculated	CVE-2022-20591 MISC
google — android	In ppmp_validate_secbuf of drm_fw.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238976908References: N/A	2022-12-16	not yet calculated	CVE-2022-20592 MISC
google — android	In pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239415809References: N/A	2022-12-16	not yet calculated	CVE-2022-20593 MISC
google — android	In updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239567689References: N/A	2022-12-16	not yet calculated	CVE-2022-20594 MISC
google — android	In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700137References: N/A	2022-12-16	not yet calculated	CVE-2022-20595 MISC
google — android	In sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700400References: N/A	2022-12-16	not yet calculated	CVE-2022-20596 MISC
google — android	In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N/A	2022-12-16	not yet calculated	CVE-2022-20597 MISC
google — android	In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242357514References: N/A	2022-12-16	not yet calculated	CVE-2022-20598 MISC
google — android	In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332706References: N/A	2022-12-16	not yet calculated	CVE-2022-20599 MISC
google — android	In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239847859References: N/A	2022-12-16	not yet calculated	CVE-2022-20600 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-204541506References: N/A	2022-12-16	not yet calculated	CVE-2022-20601 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A	2022-12-16	not yet calculated	CVE-2022-20602 MISC
google — android	In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219265339References: N/A	2022-12-16	not yet calculated	CVE-2022-20603 MISC
google — android	In SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-230463606References: N/A	2022-12-16	not yet calculated	CVE-2022-20604 MISC
google — android	In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231722405References: N/A	2022-12-16	not yet calculated	CVE-2022-20605 MISC
google — android	In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233230674References: N/A	2022-12-16	not yet calculated	CVE-2022-20606 MISC
google — android	In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A	2022-12-16	not yet calculated	CVE-2022-20607 MISC
google — android	In Pixel cellular firmware, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239239246References: N/A	2022-12-16	not yet calculated	CVE-2022-20608 MISC
google — android	In Pixel cellular firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239240808References: N/A	2022-12-16	not yet calculated	CVE-2022-20609 MISC
google — android	In cellular modem firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240462530References: N/A	2022-12-16	not yet calculated	CVE-2022-20610 MISC
qualcomm — snapdragon	Memory corruption in Core due to improper configuration in boot remapper.	2022-12-15	not yet calculated	CVE-2022-22063 MISC
codex-team — editor.js	Editor.js is a block-style editor with clean JSON output. Versions prior to 2.26.0 are vulnerable to Code Injection via pasted input. The processHTML method passes pasted input into wrapper’s innerHTML. This issue is patched in version 2.26.0.	2022-12-15	not yet calculated	CVE-2022-23474 MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are vulnerable to Insertion of Sensitive Information Into Sent Data. The moderators-only webcams lock setting is not enforced on the backend, which allows an attacker to subscribe to viewers’ webcams, even when the lock setting is applied. (The required streamId was being sent to all users even with lock setting applied). This issue is fixed in version 2.4-rc-6. There are no workarounds.	2022-12-17	not yet calculated	CVE-2022-23488 MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4.0 expose sensitive information to Unauthorized Actors. This issue affects meetings with polls, where the attacker is a meeting participant. Subscribing to the current-poll collection does not update the client UI, but does give the attacker access to the contents of the collection, which include the individual poll responses. This issue is patched in version 2.4.0. There are no workarounds.	2022-12-16	not yet calculated	CVE-2022-23490 MISC MISC
informalsystems — tendermint-rs	Tendermint is a high-performance blockchain consensus engine for Byzantine fault tolerant applications. Versions prior to 0.28.0 contain a potential attack via Improper Verification of Cryptographic Signature, affecting anyone using the tendermint-light-client and related packages to perform light client verification (e.g. IBC-rs, Hermes). The light client does not check that the chain IDs of the trusted and untrusted headers match, resulting in a possible attack vector where someone who finds a header from an untrusted chain that satisfies all other verification conditions (e.g. enough overlapping validator signatures) could fool a light client. The attack vector is currently theoretical, and no proof-of-concept exists yet to exploit it on live networks. This issue is patched in version 0.28.0. There are no workarounds.	2022-12-15	not yet calculated	CVE-2022-23507 MISC
flavorjones — loofah	Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah < 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1.	2022-12-14	not yet calculated	CVE-2022-23514 MISC MISC
flavorjones — loofah	Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.	2022-12-14	not yet calculated	CVE-2022-23515 MISC MISC MISC
flavorjones — loofah	Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.2.0, < 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1. Users who are unable to upgrade may be able to mitigate this vulnerability by limiting the length of the strings that are sanitized.	2022-12-14	not yet calculated	CVE-2022-23516 MISC
helm — helm	Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the _strvals_ package can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the _strvals_ package in the Helm SDK can have a Denial of Service attack when they use this package and it panics. This issue has been patched in 3.10.3. SDK users can validate strings supplied by users won’t create large arrays causing significant memory usage before passing them to the _strvals_ functions.	2022-12-15	not yet calculated	CVE-2022-23524 MISC
helm — helm	Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds references to chart repositories where charts are managed. The _repo_ package parses the index file of the repository and loads it into structures Go can work with. Some index files can cause array data structures to be created causing a memory violation. Applications that use the _repo_ package in the Helm SDK to parse an index file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with an index file that causes a memory violation panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate index files that are correctly formatted before passing them to the _repo_ functions.	2022-12-15	not yet calculated	CVE-2022-23525 MISC MISC
helm — helm	Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The _chartutil_ package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the _chartutil_ package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the _chartutil_ functions.	2022-12-15	not yet calculated	CVE-2022-23526 MISC MISC
datadog — guarddog	GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpack_archive() from a potentially malicious tarball without validating that the destination file path is within the intended destination directory can cause files outside the destination directory to be overwritten. This issue is patched in version 0.1.8. Potential workarounds include using a safer module, like zipfile, and validating the location of the extracted files and discarding those with malicious paths.	2022-12-16	not yet calculated	CVE-2022-23530 MISC MISC MISC
datadog — guarddog	GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog against a specially-crafted package can allow an attacker to write an arbitrary file on the machine where GuardDog is executed due to a path traversal vulnerability when extracting the .tar.gz file of the package being scanned, which exists by design in the tarfile.TarFile.extractall function. This issue is patched in version 0.1.5.	2022-12-17	not yet calculated	CVE-2022-23531 MISC MISC MISC
wordpress — wordpress	The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the ‘tp_translation’ AJAX action which makes it possible for unauthenticated attackers to bypass any restrictions and influence the data shown on the site. Please note this is a separate issue from CVE-2022-2461. Notes from the researcher: When installed Transposh comes with a set of pre-configured options, one of these is the “Who can translate” setting under the “Settings” tab. However, this option is largely ignored, if Transposh has enabled its “autotranslate” feature (it’s enabled by default) and the HTTP POST parameter “sr0” is larger than 0. This is caused by a faulty validation in “wp/transposh_db.php.”	2022-12-15	not yet calculated	CVE-2022-2536 MISC MISC MISC MISC MISC MISC MISC
broadcom — symantec_identity_governance_and_administration	An unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session.	2022-12-16	not yet calculated	CVE-2022-25626 MISC
broadcom — symantec_identity_governance_and_administration	An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4	2022-12-16	not yet calculated	CVE-2022-25627 MISC
broadcom — symantec_identity_governance_and_administration	An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4	2022-12-16	not yet calculated	CVE-2022-25628 MISC
cyshield — multiple_products	PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root privileged attackers to install an unsigned application by copying the APK to /data/app, setting the appropriate permissions and rebooting the device.	2022-12-16	not yet calculated	CVE-2022-26579 MISC
cyshield — multiple_products	PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 was discovered to be vulnerable to command injection.	2022-12-16	not yet calculated	CVE-2022-26580 MISC
cyshield — multiple_products	The ADB daemon in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows the execution of the systool utility in production mode, allowing unauthenticated attackers to perform privileged actions.	2022-12-16	not yet calculated	CVE-2022-26581 MISC
cyshield — multiple_products	The systool_server in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 fails to check for dollar signs or backticks in user supplied commands, leading to to arbitrary command execution as root.	2022-12-16	not yet calculated	CVE-2022-26582 MISC
lansweeper — lansweeper	A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.	2022-12-15	not yet calculated	CVE-2022-27498 MISC
lansweeper — lansweeper	A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.	2022-12-15	not yet calculated	CVE-2022-28703 MISC
altair — hyperview_player	Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.	2022-12-13	not yet calculated	CVE-2022-2950 MISC
altair — hyperview_player	Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption.	2022-12-13	not yet calculated	CVE-2022-2951 MISC
lansweeper — lansweeper	A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.	2022-12-15	not yet calculated	CVE-2022-29511 MISC
lansweeper — lansweeper	A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.	2022-12-15	not yet calculated	CVE-2022-29517 MISC
delta_electronics — dopsoft	Out-of-bounds Read vulnerability in Delta Electronics DOPSoft.This issue affects DOPSoft: All Versions.	2022-12-16	not yet calculated	CVE-2022-2966 MISC
ffmpeg — ffmpeg	An issue was discovered in the FFmpeg through 3.0. vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause the null pointer dereference, impacting confidentiality and availability.	2022-12-16	not yet calculated	CVE-2022-3109 MISC MISC
rockwell_automation — multiple_logix_controllers	A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).	2022-12-16	not yet calculated	CVE-2022-3157 MISC
rockwell_automation — multiple_products	Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device	2022-12-16	not yet calculated	CVE-2022-3166 MISC
vmware — multiple_products	VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.	2022-12-14	not yet calculated	CVE-2022-31700 MISC
vmware — multiple_products	VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.	2022-12-14	not yet calculated	CVE-2022-31701 MISC
vmware — multiple_products	VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.	2022-12-14	not yet calculated	CVE-2022-31705 MISC
vmware — vrealize_operations	vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.	2022-12-16	not yet calculated	CVE-2022-31707 MISC
vmware — vrealize_operations	vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.	2022-12-16	not yet calculated	CVE-2022-31708 MISC
apache — bookkeeper_java_client	The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. This leaves the bookkeeper client vulnerable to a man in the middle attack. The problem affects BookKeeper client prior to versions 4.14.6 and 4.15.1.	2022-12-15	not yet calculated	CVE-2022-32531 MISC
lansweeper — lansweeper	A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.	2022-12-15	not yet calculated	CVE-2022-32573 MISC
lansweeper — lansweeper	A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.	2022-12-15	not yet calculated	CVE-2022-32763 MISC
apple — ios	An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history.	2022-12-15	not yet calculated	CVE-2022-32833 MISC
apple — multiple_products	An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-32860 MISC MISC MISC
apple — ios	An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory.	2022-12-15	not yet calculated	CVE-2022-32916 MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-32942 MISC MISC MISC
apple — multiple_products	The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.	2022-12-15	not yet calculated	CVE-2022-32943 MISC MISC
apple — macos_ventura	An access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may be able to record audio with paired AirPods.	2022-12-15	not yet calculated	CVE-2022-32945 MISC
apple — multiple_products	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-32948 MISC MISC
wordpress — wordpress	The Corner Ad plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.56. This is due to missing or incorrect nonce validation on its corner_ad_settings_page function. This makes it possible for unauthenticated attackers to trigger the deletion of ads via forged request granted they can trick a site administrator into performing an action such as clicking on a link.	2022-12-15	not yet calculated	CVE-2022-3427 MISC MISC MISC
emby_server — emby_server	In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account.	2022-12-16	not yet calculated	CVE-2022-36223 MISC
hp — multiple_products	A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability.	2022-12-12	not yet calculated	CVE-2022-37018 MISC
jumpsec — mutiny	Mutiny 7.2.0-10788 suffers from Hardcoded root password.	2022-12-16	not yet calculated	CVE-2022-37832 MISC
solarwinds — serv-u	This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.	2022-12-16	not yet calculated	CVE-2022-38106 MISC MISC MISC
logrocket — logrocket-oauth2-example	logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter.	2022-12-14	not yet calculated	CVE-2022-38488 MISC MISC MISC MISC MISC
micro_focus — groupwise_web	A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.	2022-12-16	not yet calculated	CVE-2022-38756 MISC
motorola — mobility_motorola	Improper access control of bootloader function was discovered in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows attacker with local access to read partition or RAM data.	2022-12-14	not yet calculated	CVE-2022-3917 MISC
wordpress — wordpress	The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types (such as .php) in an AJAX action, allowing an attacker to sign up on a victim’s WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the uploaded payload.	2022-12-12	not yet calculated	CVE-2022-3989 MISC
feehicms — feehicms	Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page.	2022-12-15	not yet calculated	CVE-2022-40000 MISC
feehicms — feehicms	Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page.	2022-12-15	not yet calculated	CVE-2022-40001 MISC
feehicms — feehicms	Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify.	2022-12-15	not yet calculated	CVE-2022-40002 MISC
things_board — things_board	Cross Site Scripting (XSS) vulnerability in Things Board 3.4.1 allows remote attackers to escalate privilege via crafted URL to the Audit Log.	2022-12-15	not yet calculated	CVE-2022-40004 MISC
feehicms — feehicms	Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file.	2022-12-15	not yet calculated	CVE-2022-40373 MISC
satellite_server — satellite_server	A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker’s server by modifying the Referer header in an HTTP request of specific resources in the server.	2022-12-16	not yet calculated	CVE-2022-4130 MISC
netty — netty	Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.	2022-12-12	not yet calculated	CVE-2022-41881 MISC
netty — netty	Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, when calling `DefaultHttpHeadesr.set` with an _iterator_ of values, header value validation was not performed, allowing malicious header values in the iterator to perform HTTP Response Splitting. This issue has been patched in version 4.1.86.Final. Integrators can work around the issue by changing the `DefaultHttpHeaders.set(CharSequence, Iterator<?>)` call, into a `remove()` call, and call `add()` in a loop over the iterator of values.	2022-12-13	not yet calculated	CVE-2022-41915 MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4.3, are subject to Insufficient Verification of Data Authenticity, resulting in Denial of Service. An attacker can make a Meteor call to `validateAuthToken` using a victim’s userId, meetingId, and an invalid authToken. This forces the victim to leave the conference, because the resulting verification failure is also observed and handled by the victim’s client. The attacker must be a participant in any meeting on the server. This issue is patched in version 2.4.3. There are no workarounds.	2022-12-16	not yet calculated	CVE-2022-41960 MISC MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered users from the same extId. This issue has been fixed by improving permissions such that banning a user removes all users related to their extId, including registered users that have not joined the meeting. This issue is patched in versions 2.4-rc-6 and 2.5-alpha-1. There are no workarounds.	2022-12-16	not yet calculated	CVE-2022-41961 MISC MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6, and 2.5-alpha-1 contain Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users. Moderators should only be able to set none as the status of other users. This issue is patched in 2.4-rc-6 and 2.5-alpha-1There are no workarounds.	2022-12-16	not yet calculated	CVE-2022-41962 MISC MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. Versions prior to 2.4.3 contain a whiteboard grace period that exists to handle delayed messages, but this grace period could be used by attackers to take actions in the few seconds after their access is revoked. The attacker must be a meeting participant. This issue is patched in version 2.4.3 an version 2.5-alpha-1	2022-12-16	not yet calculated	CVE-2022-41963 MISC MISC
bigbluebutton — bigbluebutton	BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll. The attacker had to be a meeting presenter. This issue is patched in version 2.4.0. There are no workarounds.	2022-12-16	not yet calculated	CVE-2022-41964 MISC MISC
contiki-ng — contiki-ng	Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 contain a NULL Pointer Dereference in BLE L2CAP module. The Contiki-NG operating system for IoT devices contains a Bluetooth Low Energy stack. An attacker can inject a packet in this stack, which causes the implementation to dereference a NULL pointer and triggers undefined behavior. More specifically, while processing the L2CAP protocol, the implementation maps an incoming channel ID to its metadata structure. In this structure, state information regarding credits is managed through calls to the function input_l2cap_credit in the module os/net/mac/ble/ble-l2cap.c. Unfortunately, the input_l2cap_credit function does not check that the metadata corresponding to the user-supplied channel ID actually exists, which can lead to the channel variable being set to NULL before a pointer dereferencing operation is performed. The vulnerability has been patched in the “develop” branch of Contiki-NG, and will be included in release 4.9. Users can apply the patch in Contiki-NG pull request #2253 as a workaround until the new package is released.	2022-12-16	not yet calculated	CVE-2022-41972 MISC MISC
poweriso — poweriso	A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO 8.3. A specially-crafted file can lead to an out-of-bounds write. A victim needs to open a malicious file to trigger this vulnerability.	2022-12-16	not yet calculated	CVE-2022-41992 MISC
pgadmin — pgadmin	The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to properly secure this API, which could allow an unauthenticated user to call it with a path of their choosing, such as a UNC path to a server they control on a Windows machine. This would cause an appropriately named executable in the target path to be executed by the pgAdmin server.	2022-12-13	not yet calculated	CVE-2022-4223 MISC FEDORA
google — android	In HexString2Value of util.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231403References: N/A	2022-12-16	not yet calculated	CVE-2022-42501 MISC
google — android	In FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231970References: N/A	2022-12-16	not yet calculated	CVE-2022-42502 MISC
google — android	In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231983References: N/A	2022-12-16	not yet calculated	CVE-2022-42503 MISC
google — android	In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232209References: N/A	2022-12-16	not yet calculated	CVE-2022-42504 MISC
google — android	In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232492References: N/A	2022-12-16	not yet calculated	CVE-2022-42505 MISC
google — android	In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388399References: N/A	2022-12-16	not yet calculated	CVE-2022-42506 MISC
google — android	In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388774References: N/A	2022-12-16	not yet calculated	CVE-2022-42507 MISC
google — android	In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388966References: N/A	2022-12-16	not yet calculated	CVE-2022-42508 MISC
google — android	In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241544307References: N/A	2022-12-16	not yet calculated	CVE-2022-42509 MISC
google — android	In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762656References: N/A	2022-12-16	not yet calculated	CVE-2022-42510 MISC
google — android	In EmbmsSessionData::encode of embmsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762712References: N/A	2022-12-16	not yet calculated	CVE-2022-42511 MISC
google — android	In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763050References: N/A	2022-12-16	not yet calculated	CVE-2022-42512 MISC
google — android	In ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763204References: N/A	2022-12-16	not yet calculated	CVE-2022-42513 MISC
google — android	In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763298References: N/A	2022-12-16	not yet calculated	CVE-2022-42514 MISC
google — android	In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A	2022-12-16	not yet calculated	CVE-2022-42515 MISC
google — android	In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763577References: N/A	2022-12-16	not yet calculated	CVE-2022-42516 MISC
google — android	In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763682References: N/A	2022-12-16	not yet calculated	CVE-2022-42517 MISC
google — android	In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242536278References: N/A	2022-12-16	not yet calculated	CVE-2022-42518 MISC
google — android	In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242540694References: N/A	2022-12-16	not yet calculated	CVE-2022-42519 MISC
google — android	In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242994270References: N/A	2022-12-16	not yet calculated	CVE-2022-42520 MISC
google — android	In encode of wlandata.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130019References: N/A	2022-12-16	not yet calculated	CVE-2022-42521 MISC
google — android	In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130038References: N/A	2022-12-16	not yet calculated	CVE-2022-42522 MISC
google — android	In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243376893References: N/A	2022-12-16	not yet calculated	CVE-2022-42523 MISC
google — android	In sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243401445References: N/A	2022-12-16	not yet calculated	CVE-2022-42524 MISC
google — android	In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509750References: N/A	2022-12-16	not yet calculated	CVE-2022-42525 MISC
google — android	In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509880References: N/A	2022-12-16	not yet calculated	CVE-2022-42526 MISC
google — android	In cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-244448906References: N/A	2022-12-16	not yet calculated	CVE-2022-42527 MISC
google — android	Product: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A	2022-12-16	not yet calculated	CVE-2022-42529 MISC
google — android	In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242331893References: N/A	2022-12-16	not yet calculated	CVE-2022-42530 MISC
google — android	In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive Memory Allocation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231500967References: N/A	2022-12-16	not yet calculated	CVE-2022-42531 MISC
google — android	In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332610References: N/A	2022-12-16	not yet calculated	CVE-2022-42532 MISC
google — android	In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237838301References: N/A	2022-12-16	not yet calculated	CVE-2022-42534 MISC
google — android	In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770183	2022-12-16	not yet calculated	CVE-2022-42535 MISC
google — android	In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231445184	2022-12-16	not yet calculated	CVE-2022-42542 MISC
google — android	In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-249998113References: N/A	2022-12-16	not yet calculated	CVE-2022-42543 MISC
google — android	In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545390	2022-12-16	not yet calculated	CVE-2022-42544 MISC
apple — multiple_products	An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-42805 MISC MISC
apple — multiple_products	A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. An app may bypass Gatekeeper checks.	2022-12-15	not yet calculated	CVE-2022-42821 MISC MISC MISC
x.org — x.org	A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.	2022-12-14	not yet calculated	CVE-2022-4283 MISC MISC FEDORA FEDORA
apple — multiple_products	An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, watchOS 9.2. A remote user may be able to cause unexpected app termination or arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-42837 MISC MISC MISC MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-42840 MISC MISC MISC MISC MISC
apple — multiple_products	A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-42841 MISC MISC MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. A remote user may be able to cause kernel code execution.	2022-12-15	not yet calculated	CVE-2022-42842 MISC MISC MISC MISC MISC MISC
apple — multiple_products	This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information.	2022-12-15	not yet calculated	CVE-2022-42843 MISC MISC MISC MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to break out of its sandbox.	2022-12-15	not yet calculated	CVE-2022-42844 MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-42845 MISC MISC MISC MISC MISC MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination.	2022-12-15	not yet calculated	CVE-2022-42846 MISC MISC
apple — macos_ventura	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-42847 MISC
apple — multiple_products	A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-42848 MISC MISC MISC
apple — multiple_products	An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2, watchOS 9.2. A user may be able to elevate privileges.	2022-12-15	not yet calculated	CVE-2022-42849 MISC MISC MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-42850 MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2. Parsing a maliciously crafted TIFF file may lead to disclosure of user information.	2022-12-15	not yet calculated	CVE-2022-42851 MISC MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory.	2022-12-15	not yet calculated	CVE-2022-42852 MISC MISC MISC MISC MISC MISC
apple — macos_ventura	An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify protected parts of the file system.	2022-12-15	not yet calculated	CVE-2022-42853 MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1. An app may be able to disclose kernel memory.	2022-12-15	not yet calculated	CVE-2022-42854 MISC MISC
apple — multiple_products	A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to use arbitrary entitlements.	2022-12-15	not yet calculated	CVE-2022-42855 MISC MISC MISC MISC MISC
apple — multiple_products	A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1..	2022-12-15	not yet calculated	CVE-2022-42856 MISC MISC MISC MISC MISC
apple — multiple_products	Multiple issues were addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, watchOS 9.2. An app may be able to bypass Privacy preferences.	2022-12-15	not yet calculated	CVE-2022-42859 MISC MISC MISC
apple — multiple_products	This issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2. An app may be able to break out of its sandbox.	2022-12-15	not yet calculated	CVE-2022-42861 MISC MISC MISC MISC
apple — multiple_products	This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to bypass Privacy preferences.	2022-12-15	not yet calculated	CVE-2022-42862 MISC MISC
apple — multiple_products	A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-42863 MISC MISC MISC MISC MISC
apple — multiple_products	A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-42864 MISC MISC MISC MISC MISC MISC MISC
apple — multiple_products	This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences.	2022-12-15	not yet calculated	CVE-2022-42865 MISC MISC MISC MISC
apple — multiple_products	The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to read sensitive location information.	2022-12-15	not yet calculated	CVE-2022-42866 MISC MISC MISC MISC
apple — multiple_products	A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-42867 MISC MISC MISC MISC MISC
trellix– endpoint_agent	Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.	2022-12-16	not yet calculated	CVE-2022-4326 MISC
beijing_zed-3 — voip_simpliclty_asg	Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) is vulnerable to Cross Site Scripting (XSS).	2022-12-15	not yet calculated	CVE-2022-44235 MISC
beijing_zed-3 — voip_simpliclty_asg	Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak password vulnerability.	2022-12-15	not yet calculated	CVE-2022-44236 MISC
m0ver — bible-online	A vulnerability, which was classified as critical, has been found in m0ver bible-online. Affected by this issue is the function query of the file src/main/java/custom/application/search.java of the component Search Handler. The manipulation leads to sql injection. The name of the patch is 6ef0aabfb2d4ccd53fcaa9707781303af357410e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215444.	2022-12-13	not yet calculated	CVE-2022-4454 MISC MISC
sproctor — php-calendar	A vulnerability, which was classified as problematic, was found in sproctor php-calendar. This affects an unknown part of the file index.php. The manipulation of the argument $_SERVER[‘PHP_SELF’] leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is a2941109b42201c19733127ced763e270a357809. It is recommended to apply a patch to fix this issue. The identifier VDB-215445 was assigned to this vulnerability.	2022-12-13	not yet calculated	CVE-2022-4455 MISC MISC
falling-fruit — falling-fruit	A vulnerability has been found in falling-fruit and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 15adb8e1ea1f1c3e3d152fc266071f621ef0c621. It is recommended to apply a patch to fix this issue. VDB-215446 is the identifier assigned to this vulnerability.	2022-12-13	not yet calculated	CVE-2022-4456 MISC MISC
wordpress — wordpress	Unauth. SQL Injection vulnerability in Cryptocurrency Widgets Pack Plugin <=1.8.1 on WordPress.	2022-12-15	not yet calculated	CVE-2022-44588 MISC
samsung — samsung_tv	The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.	2022-12-13	not yet calculated	CVE-2022-44636 MISC MISC
wordpress — wordpress	The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vc_saving_data function in versions up to, and including, 4.2.7. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin’s settings.	2022-12-14	not yet calculated	CVE-2022-4501 MISC MISC
codeprojects — expense_tracker	A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field.	2022-12-15	not yet calculated	CVE-2022-45033 MISC
rainygao — docsys	A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserController#getUserImg. The manipulation leads to path traversal: ‘../filedir’. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215851.	2022-12-15	not yet calculated	CVE-2022-4511 N/A N/A
european_environment_agency — eionet.contreg	A vulnerability, which was classified as problematic, has been found in European Environment Agency eionet.contreg. This issue affects some unknown processing. The manipulation of the argument searchTag/resourceUri leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2022-06-27T0948 is able to address this issue. The name of the patch is a120c2153e263e62c4db34a06ab96a9f1c6bccb6. It is recommended to upgrade the affected component. The identifier VDB-215885 was assigned to this vulnerability.	2022-12-15	not yet calculated	CVE-2022-4513 N/A N/A N/A
opencaching_deutschland — oc-server3	A vulnerability, which was classified as problematic, was found in Opencaching Deutschland oc-server3. Affected is an unknown function of the file htdocs/lang/de/ocstyle/varset.inc.php. The manipulation of the argument varvalue leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 4bdd6a0e7b7760cea03b91812cbb80d7b16e3b5f. It is recommended to apply a patch to fix this issue. VDB-215886 is the identifier assigned to this vulnerability.	2022-12-15	not yet calculated	CVE-2022-4514 N/A N/A N/A
wordpress — wordpress	The WP User plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters in versions up to, and including, 7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.	2022-12-15	not yet calculated	CVE-2022-4519 MISC MISC
wso2 — carbon-registry	A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file components/registry/org.wso2.carbon.registry.search.ui/src/main/resources/web/search/advancedSearchForm-ajaxprocessor.jsp of the component Advanced Search. The manipulation of the argument mediaType/rightOp/leftOp/rightPropertyValue/leftPropertyValue leads to cross site scripting. The attack may be launched remotely. Upgrading to version 4.8.12 is able to address this issue. The name of the patch is 0c827cc1b14b82d8eb86117ab2e43c34bb91ddb4. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215900.	2022-12-15	not yet calculated	CVE-2022-4520 N/A N/A N/A N/A
wso2 — carbon-registry	A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.7. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profile_menu leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 4.8.12 is able to address this issue. The name of the patch is 9f967abfde9317bee2cda469dbc09b57d539f2cc. It is recommended to upgrade the affected component. The identifier VDB-215901 was assigned to this vulnerability.	2022-12-15	not yet calculated	CVE-2022-4521 N/A N/A N/A N/A
calendarxp — calendarxp	A vulnerability classified as problematic was found in CalendarXP up to 10.0.1. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 10.0.2 is able to address this issue. The name of the patch is e3715b2228ddefe00113296069969f9e184836da. It is recommended to upgrade the affected component. VDB-215902 is the identifier assigned to this vulnerability.	2022-12-15	not yet calculated	CVE-2022-4522 N/A N/A N/A
vexim — vexim2	A vulnerability, which was classified as problematic, has been found in vexim2. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 21c0a60d12e9d587f905cd084b2c70f9b1592065. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215903.	2022-12-15	not yet calculated	CVE-2022-4523 N/A N/A N/A
roots — soil	A vulnerability, which was classified as problematic, was found in Roots soil Plugin up to 4.1.0. Affected is the function language_attributes of the file src/Modules/CleanUpModule.php. The manipulation of the argument language leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.1.1 is able to address this issue. The name of the patch is 0c9151e00ab047da253e5cdbfccb204dd423269d. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215904.	2022-12-15	not yet calculated	CVE-2022-4524 N/A N/A N/A N/A
national_sleep_research_resource — sleepdata.org	A vulnerability has been found in National Sleep Research Resource sleepdata.org up to 59.0.0.rc and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 59.0.0 is able to address this issue. The name of the patch is da44a3893b407087829b006d09339780919714cd. It is recommended to upgrade the affected component. The identifier VDB-215905 was assigned to this vulnerability.	2022-12-15	not yet calculated	CVE-2022-4525 N/A N/A N/A
django-photologue — django-photologue	A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some unknown functionality of the file photologue/templates/photologue/photo_detail.html of the component Default Template Handler. The manipulation of the argument object.caption leads to cross site scripting. The attack may be launched remotely. Upgrading to version 3.16 is able to address this issue. The name of the patch is 960cb060ce5e2964e6d716ff787c72fc18a371e7. It is recommended to apply a patch to fix this issue. VDB-215906 is the identifier assigned to this vulnerability.	2022-12-15	not yet calculated	CVE-2022-4526 N/A N/A N/A
collective — collective.task	A vulnerability was found in collective.task up to 3.0.9. It has been classified as problematic. This affects the function renderCell/AssignedGroupColumn of the file src/collective/task/browser/table.py. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 3.0.10 is able to address this issue. The name of the patch is 1aac7f83fa2c2b41d59ba02748912953461f3fac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215907.	2022-12-15	not yet calculated	CVE-2022-4527 N/A N/A N/A
exact_software — synergy_enterprise	An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file.	2022-12-15	not yet calculated	CVE-2022-45338 MISC
siemens — teamcenter_and_jt2go	A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V13.3 (All versions >= V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.0 (All versions >= V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CCITT_G4Decode.dll contains an out of bounds read vulnerability when parsing a RAS file. An attacker can leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19056)	2022-12-13	not yet calculated	CVE-2022-45484 CONFIRM
wordpress — wordpress	The WP Shamsi plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the deactivate() function hooked via init() in versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to deactivate arbitrary plugins on the site. This can be used to deactivate security plugins that aids in exploiting other vulnerabilities.	2022-12-16	not yet calculated	CVE-2022-4555 MISC MISC
alinto — sogo	A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _migrateMailIdentities of the file SoObjects/SOGo/SOGoUserDefaults.m of the component Identity Handler. The manipulation of the argument fullName leads to cross site scripting. The attack may be launched remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is efac49ae91a4a325df9931e78e543f707a0f8e5e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215960.	2022-12-16	not yet calculated	CVE-2022-4556 MISC MISC MISC
alinto — sogo	A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is 1e0f5f00890f751e84d67be4f139dd7f00faa5f3. It is recommended to upgrade the affected component. The identifier VDB-215961 was assigned to this vulnerability.	2022-12-16	not yet calculated	CVE-2022-4558 MISC MISC MISC
inex — ipx-manager	A vulnerability was found in INEX IPX-Manager up to 6.2.0. It has been declared as problematic. This vulnerability affects unknown code of the file resources/views/customer/list.foil.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.3.0 is able to address this issue. The name of the patch is bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243. It is recommended to upgrade the affected component. VDB-215962 is the identifier assigned to this vulnerability.	2022-12-16	not yet calculated	CVE-2022-4559 MISC MISC MISC
joget — joget	A vulnerability was found in Joget up to 7.0.32. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 8.0-BETA is able to address this issue. The name of the patch is ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215963.	2022-12-16	not yet calculated	CVE-2022-4560 MISC MISC MISC
wikimedia — semanticdrilldown_extension	A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6e18cf740a4548166c1d95f6d3a28541d298a3aa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215964.	2022-12-16	not yet calculated	CVE-2022-4561 MISC MISC
freedom_of_the_press — securedrop	A vulnerability was found in Freedom of the Press SecureDrop. It has been rated as critical. Affected by this issue is some unknown functionality of the file gpg-agent.conf. The manipulation leads to symlink following. Local access is required to approach this attack. The name of the patch is b0526a06f8ca713cce74b63e00d3730618d89691. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215972.	2022-12-16	not yet calculated	CVE-2022-4563 N/A N/A N/A
university_of_central_florida — materia	A vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.1-alpha1. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 9.0.2-alpha2 is able to address this issue. The name of the patch is af259115d2e8f17068e61902151ee8a9dbac397b. It is recommended to upgrade the affected component. The identifier VDB-215973 was assigned to this vulnerability.	2022-12-16	not yet calculated	CVE-2022-4564 N/A N/A N/A N/A
dromara — hutool	A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.8.11 is able to address this issue. It is recommended to upgrade the affected component. VDB-215974 is the identifier assigned to this vulnerability.	2022-12-16	not yet calculated	CVE-2022-4565 MISC MISC
y_project — ruoyi	A vulnerability, which was classified as critical, has been found in y_project RuoYi 4.7.5. This issue affects some unknown processing of the file com/ruoyi/generator/controller/GenController. The manipulation leads to sql injection. The name of the patch is 167970e5c4da7bb46217f576dc50622b83f32b40. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215975.	2022-12-16	not yet calculated	CVE-2022-4566 MISC MISC MISC MISC
openemr — openemr	Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.	2022-12-17	not yet calculated	CVE-2022-4567 CONFIRM MISC
ubi_reader — ubi_reader	A vulnerability, which was classified as problematic, has been found in UBI Reader up to 0.8.0. Affected by this issue is the function ubireader_extract_files of the file ubireader/ubifs/output.py of the component UBIFS File Handler. The manipulation leads to path traversal. The attack may be launched remotely. Upgrading to version 0.8.5 is able to address this issue. The name of the patch is d5d68e6b1b9f7070c29df5f67fc060f579ae9139. It is recommended to upgrade the affected component. VDB-216146 is the identifier assigned to this vulnerability.	2022-12-17	not yet calculated	CVE-2022-4572 MISC MISC MISC MISC
sharp — multifunction_printers	Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)’s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System (Monochrome) 200 or earlier, 211 or earlier, 102 or earlier, 453 or earlier, 400 or earlier, 202 or earlier, 602 or earlier, 500 or earlier, 401 or earlier allows remote attackers to execute arbitrary commands via unspecified vectors.	2022-12-16	not yet calculated	CVE-2022-45796 MISC
mind-map — mind-map	A vulnerability was found in 1j01 mind-map and classified as problematic. This issue affects some unknown processing of the file app.coffee. The manipulation of the argument html leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 9617e6084dfeccd92079ab4d7f439300a4b24394. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216167.	2022-12-17	not yet calculated	CVE-2022-4581 N/A N/A
starter-public-edition-4 — starter-public-edition-4	A vulnerability was found in starter-public-edition-4 up to 4.6.10. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.6.11 is able to address this issue. The name of the patch is 2606983c20f6ea3430ac4b36b3d2e88aafef45da. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216168.	2022-12-17	not yet calculated	CVE-2022-4582 N/A N/A N/A
jlems — jlems	A vulnerability was found in jLEMS. It has been declared as critical. Affected by this vulnerability is the function unpackJar of the file src/main/java/org/lemsml/jlems/io/util/JUtil.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is 8c224637d7d561076364a9e3c2c375daeaf463dc. It is recommended to apply a patch to fix this issue. The identifier VDB-216169 was assigned to this vulnerability.	2022-12-17	not yet calculated	CVE-2022-4583 N/A N/A N/A
axiomatic — bento4	A vulnerability was found in Axiomatic Bento4. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216170 is the identifier assigned to this vulnerability.	2022-12-17	not yet calculated	CVE-2022-4584 N/A N/A N/A
opencaching_deutschland — oc-server3	A vulnerability classified as problematic has been found in Opencaching Deutschland oc-server3. This affects an unknown part of the file htdocs/templates2/ocstyle/start.tpl of the component Cookie Handler. The manipulation of the argument usercountryCode leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is c720f2777a452186c67ef30db3679dd409556544. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216171.	2022-12-17	not yet calculated	CVE-2022-4585 N/A N/A N/A
opencaching_deutschland — oc-server3	A vulnerability classified as problematic was found in Opencaching Deutschland oc-server3. This vulnerability affects unknown code of the file htdocs/templates2/ocstyle/cachelists.tpl of the component Cachelist Handler. The manipulation of the argument name_filter/by_filter leads to cross site scripting. The attack can be initiated remotely. The name of the patch is a9f79c7da78cd24a7ef1d298e6bc86006972ea73. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216172.	2022-12-17	not yet calculated	CVE-2022-4586 N/A N/A N/A
opencaching_deutschland — oc-server3	A vulnerability, which was classified as problematic, has been found in Opencaching Deutschland oc-server3. This issue affects some unknown processing of the file htdocs/templates2/ocstyle/login.tpl of the component Login Page. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 3296ebd61e7fe49e93b5755d5d7766d6e94a7667. It is recommended to apply a patch to fix this issue. The identifier VDB-216173 was assigned to this vulnerability.	2022-12-17	not yet calculated	CVE-2022-4587 N/A N/A N/A
boston_sleep — slice	A vulnerability, which was classified as problematic, was found in Boston Sleep slice up to 84.2.0. Affected is an unknown function of the component Layout Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 85.0.0 is able to address this issue. The name of the patch is 6523bb17d889e2ab13d767f38afefdb37083f1d0. It is recommended to upgrade the affected component. VDB-216174 is the identifier assigned to this vulnerability.	2022-12-17	not yet calculated	CVE-2022-4588 N/A N/A N/A
cyface — terms_and_conditions_module	A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.10 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 2.0.11 is able to address this issue. The name of the patch is 03396a1c2e0af95e12a45c5faef7e47a4b513e1a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216175.	2022-12-17	not yet calculated	CVE-2022-4589 N/A N/A N/A N/A
mschaef — toto	A vulnerability was found in mschaef toto up to 1.4.20. It has been classified as problematic. This affects an unknown part of the component Todo List Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.21 is able to address this issue. The name of the patch is fdc825ac5249f40683377e8a526a06cdc6870125. It is recommended to upgrade the affected component. The identifier VDB-216177 was assigned to this vulnerability.	2022-12-17	not yet calculated	CVE-2022-4590 N/A N/A N/A
mschaef — toto	A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able to address this issue. The name of the patch is 1f27f37c1a06f54a76971f70eaa6139dc139bdf9. It is recommended to upgrade the affected component. VDB-216178 is the identifier assigned to this vulnerability.	2022-12-17	not yet calculated	CVE-2022-4591 N/A N/A N/A
siemens — multiple_products	A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions < V3.5.5), APOGEE PXC Series (P2 Ethernet) (All versions < V2.8.20), TALON TC Series (BACnet) (All versions < V3.5.5). A low privilege authenticated attacker with network access to the integrated web server could download sensitive information from the device containing user account credentials.	2022-12-13	not yet calculated	CVE-2022-45937 CONFIRM
alist — alist	Alist v3.4.0 is vulnerable to Directory Traversal,	2022-12-15	not yet calculated	CVE-2022-45969 MISC
tenda — ac15	Tenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via function formSetClientState.	2022-12-16	not yet calculated	CVE-2022-46109 MISC
aerocms — aerocms	In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upload webshell and control the web server.	2022-12-16	not yet calculated	CVE-2022-46135 MISC
aerocms — aerocms	AeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: AeroCMS v0.0.1.	2022-12-16	not yet calculated	CVE-2022-46137 MISC
siemens — scalance	Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.	2022-12-13	not yet calculated	CVE-2022-46140 CONFIRM
siemens — scalance	Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.	2022-12-13	not yet calculated	CVE-2022-46142 CONFIRM
siemens — scalance	Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.	2022-12-13	not yet calculated	CVE-2022-46143 CONFIRM
x.org — x.org	A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order.	2022-12-14	not yet calculated	CVE-2022-46340 MISC MISC FEDORA FEDORA
x.org — x.org	A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.	2022-12-14	not yet calculated	CVE-2022-46341 MISC MISC FEDORA FEDORA
x.org — x.org	A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se	2022-12-14	not yet calculated	CVE-2022-46342 MISC MISC FEDORA FEDORA
x.org — x.org	A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.	2022-12-14	not yet calculated	CVE-2022-46343 MISC MISC FEDORA FEDORA
x.org — x.org	A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.	2022-12-14	not yet calculated	CVE-2022-46344 MISC MISC FEDORA FEDORA
mbed_tls — mbed_tls	An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.	2022-12-15	not yet calculated	CVE-2022-46392 MISC MISC
mbed_tls — mbed_tls	An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.	2022-12-15	not yet calculated	CVE-2022-46393 MISC MISC MISC
atos — unify	A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system.	2022-12-13	not yet calculated	CVE-2022-46404 MISC MISC
totolink — a7100ru	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.	2022-12-15	not yet calculated	CVE-2022-46631 MISC
totolink — a7100ru	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.	2022-12-15	not yet calculated	CVE-2022-46634 MISC
rockwell_automation — micrologix_controllers	Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website.	2022-12-16	not yet calculated	CVE-2022-46670 MISC
apple — multiple_products	A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-46689 MISC MISC MISC MISC MISC MISC MISC
apple — multiple_products	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-46690 MISC MISC MISC MISC
apple — multiple_products	A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-46691 MISC MISC MISC MISC MISC MISC
apple — multiple_products	A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.	2022-12-15	not yet calculated	CVE-2022-46692 MISC MISC MISC MISC MISC MISC MISC
apple — multiple_products	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-46693 MISC MISC MISC MISC MISC
apple — multiple_products	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.	2022-12-15	not yet calculated	CVE-2022-46694 MISC MISC MISC MISC
apple — multiple_products	A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Visiting a website that frames malicious content may lead to UI spoofing.	2022-12-15	not yet calculated	CVE-2022-46695 MISC MISC MISC MISC MISC
apple — multiple_products	A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-46696 MISC MISC MISC MISC MISC
apple — macos	An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-46697 MISC
apple — ios_and_ipados	A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information.	2022-12-15	not yet calculated	CVE-2022-46698 MISC MISC MISC MISC MISC MISC
apple — multiple_products	A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-46699 MISC MISC MISC MISC MISC
apple — multiple_products	A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.	2022-12-15	not yet calculated	CVE-2022-46700 MISC MISC MISC MISC MISC MISC
apple — multiple_products	The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges.	2022-12-15	not yet calculated	CVE-2022-46701 MISC MISC MISC
apple — multiple_products	The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to disclose kernel memory.	2022-12-15	not yet calculated	CVE-2022-46702 MISC
zabbix — web_service_report_generation	Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files.	2022-12-15	not yet calculated	CVE-2022-46768 CONFIRM
apache — zeppelin	An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary javascript in other users’ browsers. This issue affects Apache Zeppelin before 0.8.2. Users are recommended to upgrade to a supported version of Zeppelin.	2022-12-16	not yet calculated	CVE-2022-46870 MISC
netgear — nighthawk	The “puhttpsniff” service, which runs by default, is susceptible to command injection due to improperly sanitized user input. An unauthenticated attacker on the same network segment as the router can execute arbitrary commands on the device without authentication.	2022-12-16	not yet calculated	CVE-2022-47208 MISC
netgear — nighthawk	A support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is “support” and cannot be changed by a user via any normally accessible means.	2022-12-16	not yet calculated	CVE-2022-47209 MISC
netgear — nighthawk	The default console presented to users over telnet (when enabled) is restricted to a subset of commands. Commands issued at this console, however, appear to be fed directly into a system call or other similar function. This allows any authenticated user to execute arbitrary commands on the device.	2022-12-16	not yet calculated	CVE-2022-47210 MISC
sick — sick_sim2000st	Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 1.13.4 as soon as possible (available in SICK Support Portal).	2022-12-16	not yet calculated	CVE-2022-47377 MISC
typo3 — typo3	An issue was discovered in the fe_change_pwd (aka Change password for frontend users) extension before 2.0.5, and 3.x before 3.0.3, for TYPO3. The extension fails to revoke existing sessions for the current user when the password has been changed.	2022-12-14	not yet calculated	CVE-2022-47406 MISC

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

CISA Releases Forty-One Industrial Control Systems Advisories

Post author By admin
Post date December 15, 2022

Original release date: December 15, 2022

CISA has released forty-one (41) Industrial Control Systems (ICS) advisories on 15 December 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

CISA Consolidates Twitter Accounts

Post author By admin
Post date December 15, 2022

Original release date: December 15, 2022

CISA has consolidated its social media presence on Twitter. Three accounts — @ICSCERT, @Cyber, and @CISAInfraSec — are no longer active. Additionally, the @USCERT_gov Twitter account is now renamed @CISACyber. The following current active Twitter accounts will include posts on content previously covered on the now-inactive accounts.

@CISACyber will cover updates relevant to the industrial control systems community along with the latest vulnerability management info, threat analysis, and other info relevant to the cybersecurity community.
@CISAgov will continue to provide agencywide content or non-urgent ICS updates.
@CISAJen will continue to include posts across a variety of topics coming straight from the CISA director.
CISA encourages followers of the @ICSCERT, @Cyber, and @CISAInfraSec Twitter accounts to follow @CISACyber and @CISAgovTwitter accounts to keep receiving important CISA messages and information.

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Drupal Releases Security Updates to Address Vulnerabilities in H5P and File (Field) Paths

Post author By admin
Post date December 15, 2022

Original release date: December 15, 2022

Drupal has released security updates to address vulnerabilities affecting H5P and the File (Field) Paths modules for Drupal 7.x. An attacker could exploit these vulnerabilities to access sensitive information and remotely execute code.

CISA encourages users and administrators to review Drupal’s security advisories SA-CONTRIB-2022-064 and SA-CONTRIB-2022-065 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Microsoft Releases December 2022 Security Updates

Post author By admin
Post date December 13, 2022

Original release date: December 13, 2022

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s December 2022 Security Update Guide and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

CISA Updates Advisory on #StopRansomware: Cuba Ransomware

Post author By admin
Post date December 13, 2022

Original release date: December 13, 2022

The Federal Bureau of Investigation (FBI) and CISA have updated joint Cybersecurity Advisory AA22-335A: #StopRansomware: Cuba Ransomware, originally released on December 01, 2022. The advisory has been updated to include additional indicators of compromise (IOCs).

CISA encourages organizations to review the latest update to AA22-335A and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Citrix Releases Security Updates for Citrix ADC, Citrix Gateway

Post author By admin
Post date December 13, 2022

Original release date: December 13, 2022

Citrix has released security updates to address a critical vulnerability (CVE-2022-27518) in Citrix ADC and Citrix Gateway. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been exploited in the wild.

CISA encourages users and administrators to review Citrix security bulletin CTX457836 and Citrix’s blog post for more information and to apply the necessary updates. Additionally, CISA urges organizations to review NSA’s advisory APT5: Citrix ADC Threat Hunting Guidance for detection and mitigation guidance against tools employed by a malicious actor targeting vulnerable Citrix ADC systems.

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Vulnerability Summary for the Week of December 5, 2022

Post author By admin
Post date December 12, 2022

Original release date: December 12, 2022

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
activerecord_project — activerecord	A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.	2022-12-05	9.8	CVE-2022-32224 MISC MISC
algan — prens_student_information_system	Algan YazÄ±lÄ±m Prens Student Information System product has an unauthenticated SQL Injection vulnerability.	2022-12-02	9.8	CVE-2022-2807 CONFIRM
algan — prens_student_information_system	Algan Yaz?l?m Prens Student Information System product has an authenticated Insecure Direct Object Reference (IDOR) vulnerability.	2022-12-02	8.8	CVE-2022-2808 CONFIRM
amentotech — workreap	The Workreap WordPress theme before 2.6.3 has a vulnerability with the notifications feature as it’s possible to read any user’s notification (employer or freelancer) as the notification ID is brute-forceable.	2022-12-05	7.5	CVE-2022-3846 MISC
ami — megarac_sp-x	MegaRAC Default Credentials Vulnerability	2022-12-05	9.8	CVE-2022-40242 MISC
ami — megarac_sp-x	AMI MegaRAC Redfish Arbitrary Code Execution	2022-12-05	9.8	CVE-2022-40259 MISC
ami — megarac_sp-x	AMI MegaRAC User Enumeration Vulnerability	2022-12-05	7.5	CVE-2022-2827 MISC
apache — camel	The camel-ldap component allows LDAP Injection when using the filter option. Users are recommended to either move to the Camel-Spring-Ldap component (which is not affected) or upgrade to 3.14.6 or 3.18.4.	2022-12-05	9.8	CVE-2022-45046 CONFIRM MLIST
apache — tapestry	UNSUPPORTED WHEN ASSIGNED Apache Tapestry 3.x allows deserialization of untrusted data, leading to remote code execution. This issue is similar to but distinct from CVE-2020-17531, which applies the the (also unsupported) 4.x version line. NOTE: This vulnerability only affects Apache Tapestry version line 3.x, which is no longer supported by the maintainer. Users are recommended to upgrade to a supported version line of Apache Tapestry.	2022-12-02	9.8	CVE-2022-46366 CONFIRM MLIST MISC
avast — avast	A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avast and AVG Antivirus version 22.10.	2022-12-06	8.8	CVE-2022-4173 MISC
ayacms_project — ayacms	AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).	2022-12-07	9.8	CVE-2022-45550 MISC MISC
ayacms_project — ayacms	AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.	2022-12-06	8.8	CVE-2022-45548 MISC
background_management_system_project — background_management_system	A vulnerability was found in Shaoxing Background Management System. It has been declared as critical. This vulnerability affects unknown code of the file /Default/Bd. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-214774 is the identifier assigned to this vulnerability.	2022-12-03	9.8	CVE-2022-4277 N/A N/A
beappsmobile — pc_keyboard_wifi&bluetooth	PC Keyboard allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2022-12-05	9.8	CVE-2022-45479 MISC
cacti — cacti	Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. After this, it is verified that an entry within the `poller` table exists, where the hostname corresponds to the resolved hostname. If such an entry was found, the function returns `true` and the client is authorized. This authorization can be bypassed due to the implementation of the `get_client_addr` function. The function is defined in the file `lib/functions.php` and checks serval `$_SERVER` variables to determine the IP address of the client. The variables beginning with `HTTP_` can be arbitrarily set by an attacker. Since there is a default entry in the `poller` table with the hostname of the server running Cacti, an attacker can bypass the authentication e.g. by providing the header `Forwarded-For: <TARGETIP>`. This way the function `get_client_addr` returns the IP address of the server running Cacti. The following call to `gethostbyaddr` will resolve this IP address to the hostname of the server, which will pass the `poller` hostname check because of the default entry. After the authorization of the `remote_agent.php` file is bypassed, an attacker can trigger different actions. One of these actions is called `polldata`. The called function `poll_for_data` retrieves a few request parameters and loads the corresponding `poller_item` entries from the database. If the `action` of a `poller_item` equals `POLLER_ACTION_SCRIPT_PHP`, the function `proc_open` is used to execute a PHP script. The attacker-controlled parameter `$poller_id` is retrieved via the function `get_nfilter_request_var`, which allows arbitrary strings. This variable is later inserted into the string passed to `proc_open`, which leads to a command injection vulnerability. By e.g. providing the `poller_id=;id` the `id` command is executed. In order to reach the vulnerable call, the attacker must provide a `host_id` and `local_data_id`, where the `action` of the corresponding `poller_item` is set to `POLLER_ACTION_SCRIPT_PHP`. Both of these ids (`host_id` and `local_data_id`) can easily be bruteforced. The only requirement is that a `poller_item` with an `POLLER_ACTION_SCRIPT_PHP` action exists. This is very likely on a productive instance because this action is added by some predefined templates like `Device – Uptime` or `Device – Polling Time`. This command injection vulnerability allows an unauthenticated user to execute arbitrary commands if a `poller_item` with the `action` type `POLLER_ACTION_SCRIPT_PHP` (`2`) is configured. The authorization bypass should be prevented by not allowing an attacker to make `get_client_addr` (file `lib/functions.php`) return an arbitrary IP address. This could be done by not honoring the `HTTP_…` `$_SERVER` variables. If these should be kept for compatibility reasons it should at least be prevented to fake the IP address of the server running Cacti. This vulnerability has been addressed in both the 1.2.x and 1.3.x release branches with `1.2.23` being the first release containing the patch.	2022-12-05	9.8	CVE-2022-46169 MISC MISC MISC MISC
casbin — casdoor	Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.	2022-12-07	8.1	CVE-2022-44942 MISC
clastix — capsule	Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with `PATCH` capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operator and removing all the enforcement like Pod Security annotations, Network Policies, Limit Range and Resource Quota items. An attacker could detach the Namespace from a Tenant that is forbidding starting privileged Pods using the Pod Security labels by removing the OwnerReference, removing the enforcement labels, and being able to start privileged containers that would be able to start a generic Kubernetes privilege escalation. Patches have been released for version 0.1.3. No known workarounds are available.	2022-12-02	8.8	CVE-2022-46167 MISC MISC MISC MISC
clerk — clerk.io	The Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation function for all API requests due to the usage of comparison operators to verify API keys against the ones stored in the site options.	2022-12-05	7.5	CVE-2022-3907 MISC
concretecms — concrete_cms	ConcreteCMS v9.1.3 was discovered to be vulnerable to Xpath injection attacks. This vulnerability allows attackers to access sensitive XML data via a crafted payload injected into the URL path folder “3”.	2022-12-05	7.5	CVE-2022-46464 MISC
craftcms — craft_cms	All Craft CMS versions between 3.0.0 and 3.7.32 disclose password hashes of users who authenticate using their E-Mail address or username in Anti-CSRF-Tokens. Craft CMS uses a cookie called CRAFT_CSRF_TOKEN and a HTML hidden field called CRAFT_CSRF_TOKEN to avoid Cross Site Request Forgery attacks. The CRAFT_CSRF_TOKEN cookie discloses the password hash in without encoding it whereas the corresponding HTML hidden field discloses the users’ password hash in a masked manner, which can be decoded by using public functions of the YII framework.	2022-12-05	7.5	CVE-2022-37783 MISC
cybozu — cybozu_remote_service	Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS) condition.	2022-12-07	7.5	CVE-2022-44608 MISC MISC
d-link — dhp-w310av_firmware	D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function.	2022-12-02	9.8	CVE-2022-44930 MISC
d-link — dvg-g5402sp_firmware	D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function.	2022-12-02	9.8	CVE-2022-44928 MISC
d-link — dvg-g5402sp_firmware	An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.	2022-12-02	9.8	CVE-2022-44929 MISC
dottech — smart_campus_system	A vulnerability, which was classified as problematic, has been found in Dot Tech Smart Campus System. Affected by this issue is some unknown functionality of the file /services/Card/findUser. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-214778 is the identifier assigned to this vulnerability.	2022-12-03	7.5	CVE-2022-4280 N/A N/A
duxcms_project — duxcms	A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215116.	2022-12-08	8	CVE-2020-36610 MISC MISC
elbtide — advanced_booking_calendar	Unauth. SQL Injection (SQLi) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.	2022-12-05	9.8	CVE-2022-45822 MISC
f5 — big-iq_centralized_management	In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.	2022-12-07	8.8	CVE-2022-41622 MISC
facepay_project — facepay	A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched remotely. The identifier VDB-214789 was assigned to this vulnerability.	2022-12-05	8.8	CVE-2022-4281 N/A
force1rc — discovery_wifi_u818a_hd+_fpv_firmware	Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > http://thiscomputer.com/ > https://www.bostoncyber.org/ > https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368	2022-12-06	9.8	CVE-2022-40918 MISC MISC
fortinet — fortiadc	An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.	2022-12-06	8.8	CVE-2022-33875 MISC
fortinet — fortideceptor	An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 through 4.1.1, 4.0.0 through 4.0.2, 3.3.0 through 3.3.3, 3.2.0 through 3.2.2,3.1.0 through 3.1.1 and 3.0.0 through 3.0.2 may allow a remote attacker to repeatedly enter incorrect credentials without causing a log entry, and with no limit on the number of failed authentication attempts.	2022-12-06	7.5	CVE-2022-30305 MISC
fortinet — fortiproxy	An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.	2022-12-06	9.8	CVE-2022-35843 MISC
franklinfueling — colibri_firmware	Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ¶¶ An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of “fopen” system function with the mode “wb” which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password.	2022-12-05	9.8	CVE-2022-44039 MISC
fsi — fs040u_firmware	Cross-site request forgery (CSRF) vulnerability in +F FS040U software versions v2.3.4 and earlier, +F FS020W software versions v4.0.0 and earlier, +F FS030W software versions v3.3.5 and earlier, and +F FS040W software versions v1.4.1 and earlier allows an adjacent attacker to hijack the authentication of an administrator and user’s unintended operations such as to reboot the product and/or reset the configuration to the initial set-up may be performed.	2022-12-05	7.3	CVE-2022-43470 MISC MISC MISC MISC MISC
galaxyproject — galaxy	Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and higher, after the switch to gunicorn, which serve static contents directly. Additionally, the vulnerability is mitigated when using Nginx or Apache to serve /static/* contents, instead of Galaxy’s internal middleware. This issue has been patched in commit `e5e6bda4f` and will be included in future releases. Users are advised to manually patch their installations. There are no known workarounds for this vulnerability.	2022-12-06	7.5	CVE-2022-23470 MISC MISC
ge — cimplicity	GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.	2022-12-07	7.8	CVE-2022-2002 MISC
ge — cimplicity	GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.	2022-12-07	7.8	CVE-2022-2948 MISC
ge — cimplicity	GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.	2022-12-07	7.8	CVE-2022-2952 MISC
ge — cimplicity	GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code.	2022-12-08	7.8	CVE-2022-3084 MISC
ge — cimplicity	GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code.	2022-12-08	7.8	CVE-2022-3092 MISC
gitpython_project — gitpython	All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments.	2022-12-06	9.8	CVE-2022-24439 CONFIRM CONFIRM
goauthentik — authentik	authentik is an open-source identity provider. Versions prior to 2022.11.2 and 2022.10.2 are vulnerable to unauthorized user creation and potential account takeover. With the default flows, unauthenticated users can create new accounts in authentik. If a flow exists that allows for email-verified password recovery, this can be used to overwrite the email address of admin accounts and take over their accounts. authentik 2022.11.2 and 2022.10.2 fix this issue. As a workaround, a policy can be created and bound to the `default-user-settings-flow flow` with the contents `return request.user.is_authenticated`.	2022-12-02	9.8	CVE-2022-46145 MISC MISC MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39090 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39091 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39092 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39093 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39094 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39095 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39096 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39097 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39098 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39099 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39100 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39101 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-39102 MISC
google — android	In UscAIEngine service, there is a missing permission check. This could lead to set up UscAIEngine service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-42776 MISC
google — android	In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-42777 MISC
google — android	In windows manager service, there is a missing permission check. This could lead to set up windows manager service with no additional execution privileges needed.	2022-12-06	7.8	CVE-2022-42778 MISC
google — chrome	Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	2022-12-02	8.8	CVE-2022-4262 MISC MISC
google — tensorflow	TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.	2022-12-06	9.1	CVE-2022-41902 MISC MISC CONFIRM
google — tensorflow	TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.	2022-12-06	9.1	CVE-2022-41910 MISC CONFIRM MISC
gpac — gpac	GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.	2022-12-06	7.8	CVE-2022-45283 MISC
hasura — graphql_engine	Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Versions before 2.10.0 are unaffected.)	2022-12-08	8.8	CVE-2022-46792 MISC MISC MISC
haxx — curl	When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.	2022-12-05	9.8	CVE-2022-32221 MISC
hope-boot_project — hope-boot	hope-boot 1.0.0 has a deserialization vulnerability that can cause Remote Code Execution (RCE).	2022-12-07	9.8	CVE-2022-44371 MISC
hornerautomation — rcc972_firmware	Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition.	2022-12-02	9.8	CVE-2022-2641 MISC
hornerautomation — rcc972_firmware	The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).	2022-12-02	7.5	CVE-2022-2640 MISC
hornerautomation — rcc972_firmware	Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.	2022-12-02	7.5	CVE-2022-2642 MISC
house_rental_system_project — house_rental_system	A vulnerability, which was classified as critical, was found in House Rental System. Affected is an unknown function of the file /view-property.php. The manipulation of the argument property_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214770 is the identifier assigned to this vulnerability.	2022-12-03	9.8	CVE-2022-4274 N/A N/A
house_rental_system_project — house_rental_system	A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument search_property leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214771.	2022-12-03	9.8	CVE-2022-4275 N/A N/A
house_rental_system_project — house_rental_system	A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument id_photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214772.	2022-12-03	9.8	CVE-2022-4276 N/A N/A
human_resource_management_system_project — human_resource_management_system	A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The manipulation of the argument pfimg leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214769 was assigned to this vulnerability.	2022-12-03	9.8	CVE-2022-4273 MISC MISC
human_resource_management_system_project — human_resource_management_system	A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /hrm/employeeadd.php. The manipulation of the argument empid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214775.	2022-12-03	7.2	CVE-2022-4278 N/A N/A
ibm — content_navigator	IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.	2022-12-07	8.8	CVE-2022-43581 MISC MISC
ibm — spectrum_scale_container_native_storage_access	IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacker to execute arbitrary commands in the container. IBM X-Force ID: 239437.	2022-12-06	7.8	CVE-2022-43867 MISC MISC
ibm — sterling_secure_proxy	IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522.	2022-12-06	7.5	CVE-2022-34361 MISC MISC
ilias — ilias	ILIAS before 7.16 allows OS Command Injection.	2022-12-07	8.8	CVE-2022-45915 MISC FULLDISC MISC
inksplat — comic_book_management_system	The Comic Book Management System WordPress plugin before 2.2.0 does not sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin.	2022-12-05	7.2	CVE-2022-3856 MISC MISC
ivanti — endpoint_manager	A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.	2022-12-05	9.8	CVE-2022-27773 MISC
ivanti — endpoint_manager	XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.	2022-12-05	7.8	CVE-2022-35259 MISC
joinmastodon — mastodon	Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages.	2022-12-04	7.5	CVE-2022-46405 MISC MISC
jrecms — springbootcms	A vulnerability was found in SpringBootCMS and classified as critical. Affected by this issue is some unknown functionality of the component Template Management. The manipulation leads to injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-214790 is the identifier assigned to this vulnerability.	2022-12-05	7.2	CVE-2022-4282 MISC MISC
kodcloud — kodexplorer	Kodexplorer is a chinese language web based file manager and browser based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users. This issue has been addressed in version 4.50. Users are advised to upgrade. There are no known workarounds for this issue.	2022-12-06	7.5	CVE-2022-46154 MISC MISC
kujirahand — nadesiko3	OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.	2022-12-05	9.8	CVE-2022-41642 MISC MISC MISC
lazy_mouse_project — lazy_mouse	Lazy Mouse server enforces weak password requirements and doesn’t implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2022-12-02	9.8	CVE-2022-45482 MISC
lzmouse — lazy_mouse	The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2022-12-05	9.8	CVE-2022-45481 MISC
maku — maku-boot	A vulnerability, which was classified as critical, was found in maku-boot up to 2.2.0. This affects the function doExecute of the file AbstractScheduleJob.java of the component Scheduled Task Handler. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 446eb7294332efca2bfd791bc37281cedac0d0ff. It is recommended to apply a patch to fix this issue. The identifier VDB-215013 was assigned to this vulnerability.	2022-12-07	7.2	CVE-2022-4322 N/A N/A N/A
markdown_preview_enhanced_project — markdown_preview_enhanced	Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a command injection vulnerability via the PDF file import function.	2022-12-07	9.8	CVE-2022-45025 MISC
markdown_preview_enhanced_project — markdown_preview_enhanced	An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom allows attackers to execute arbitrary commands during the GFM export process.	2022-12-07	9.8	CVE-2022-45026 MISC
mikrotik — routeros	Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.	2022-12-05	9.8	CVE-2022-45313 MISC
mikrotik — routeros	Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.	2022-12-05	9.8	CVE-2022-45315 MISC
mobatek — mobaxterm	When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used.	2022-12-06	9.1	CVE-2022-38337 MISC MISC
mobatek — mobaxterm	An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication.	2022-12-06	8.1	CVE-2022-38336 MISC
moxa — uc-8580-t-lx_firmware	Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which may allow an attacker to execute arbitrary code.	2022-12-02	7.6	CVE-2022-3086 MISC
nadesiko3_project — nadesiko3	OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.	2022-12-05	9.8	CVE-2022-42496 MISC MISC MISC
nadesiko3_project — nadesiko3	Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.	2022-12-05	7.5	CVE-2022-41777 MISC MISC MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.8	CVE-2022-23468 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.8	CVE-2022-23477 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.8	CVE-2022-23478 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.8	CVE-2022-23479 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.8	CVE-2022-23480 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.8	CVE-2022-23484 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_caps_process_confirm_active() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.1	CVE-2022-23481 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.1	CVE-2022-23482 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in libxrdp_send_to_channel() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.1	CVE-2022-23483 MISC
neutrinolabs — xrdp	xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. Users are advised to upgrade.	2022-12-09	9.1	CVE-2022-23493 MISC
nodebb — nodebb	NodeBB is an open source Node.js based forum software. Due to a plain object with a prototype being used in socket.io message handling a specially crafted payload can be used to impersonate other users and takeover accounts. This vulnerability has been patched in version 2.6.1. Users are advised to upgrade. Users unable to upgrade may cherry-pick commit `48d143921753914da45926cca6370a92ed0c46b8` into their codebase to patch the exploit.	2022-12-05	9.8	CVE-2022-46164 MISC MISC
nodejs — node.js	The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.	2022-12-05	9.8	CVE-2022-35256 MISC
nodejs — node.js	A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material.	2022-12-05	9.1	CVE-2022-35255 MISC
nodejs — node.js	A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.The fix for this issue in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212 was incomplete and this new CVE is to complete the fix.	2022-12-05	8.1	CVE-2022-43548 MISC
nokogiri — nokogiri	Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri `1.13.8` and `1.13.9` fail to check the return value from `xmlTextReaderExpand` in the method `Nokogiri::XML::Reader#attribute_hash`. This can lead to a null pointer exception when invalid markup is being parsed. For applications using `XML::Reader` to parse untrusted inputs, this may potentially be a vector for a denial of service attack. Users are advised to upgrade to Nokogiri `>= 1.13.10`. Users may be able to search their code for calls to either `XML::Reader#attributes` or `XML::Reader#attribute_hash` to determine if they are affected.	2022-12-08	7.5	CVE-2022-23476 MISC MISC MISC
nttdata — terasoluna_server_framework_for_java_(rich)	TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. By the application processing a specially crafted file, arbitrary code may be executed with the privileges of the application.	2022-12-05	7.8	CVE-2022-43484 MISC MISC MISC
offis — dcmtk	DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.	2022-12-02	7.5	CVE-2022-43272 MISC MISC
omron — cx-programmer	Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.	2022-12-07	7.8	CVE-2022-43508 MISC MISC
omron — cx-programmer	Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.	2022-12-07	7.8	CVE-2022-43509 MISC MISC
omron — cx-programmer	Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.	2022-12-07	7.8	CVE-2022-43667 MISC MISC
online_leave_management_system_project — online_leave_management_system	Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leave_system/classes/SystemSettings.php?f=update_settings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-12-07	7.2	CVE-2022-45009 MISC
paddlepaddle — paddlepaddle	Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.	2022-12-07	9.8	CVE-2022-46742 MISC
paddlepaddle — paddlepaddle	Out-of-bounds read in gather_tree in PaddlePaddle before 2.4.	2022-12-07	9.1	CVE-2022-46741 MISC
passeo_project — passeo	Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python `random` library for random value selection. The python `random` library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator. As a result a motivated attacker may be able to guess generated passwords. This issue has been addressed in version 1.0.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.	2022-12-06	7.5	CVE-2022-23472 MISC MISC MISC
pdfmake_project — pdfmake	pdfmake is an open source client/server side PDF printing in pure JavaScript. In versions up to and including 0.2.5 pdfmake contains an unsafe evaluation of user controlled input. Users of pdfmake are thus subject to arbitrary code execution in the context of the process running the pdfmake code. There are no known fixes for this issue. Users are advised to restrict access to trusted user input.	2022-12-06	9.8	CVE-2022-46161 MISC MISC
postmagthemes — postmagthemes_demo_import	The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) leading to RCE.	2022-12-05	7.2	CVE-2022-1540 MISC
premio — chaty	The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin before 3.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin.	2022-12-05	7.2	CVE-2022-3858 MISC
proofpoint — enterprise_protection	The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.	2022-12-06	9.6	CVE-2022-46332 MISC
proofpoint — enterprise_protection	The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.	2022-12-06	7.2	CVE-2022-46333 MISC
protocol — libp2p	libp2p-rust is the official rust language Implementation of the libp2p networking stack. In versions prior to 0.45.1 an attacker node can cause a victim node to allocate a large number of small memory chunks, which can ultimately lead to the victim’s process running out of memory and thus getting killed by its operating system. When executed continuously, this can lead to a denial of service attack, especially relevant on a larger scale when run against more than one node of a libp2p based network. Users are advised to upgrade to `libp2p` `v0.45.1` or above. Users unable to upgrade should reference the DoS Mitigation page for more information on how to incorporate mitigation strategies, monitor their application, and respond to attacks: https://docs.libp2p.io/reference/dos-mitigation/.	2022-12-07	7.5	CVE-2022-23486 MISC
protocol — libp2p	js-libp2p is the official javascript Implementation of libp2p networking stack. Versions older than `v0.38.0` of js-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed by the host’s operating system. While a connection manager tasked with keeping the number of connections within manageable limits has been part of js-libp2p, this component was designed to handle the regular churn of peers, not a targeted resource exhaustion attack. Users are advised to update their js-libp2p dependency to `v0.38.0` or greater. There are no known workarounds for this vulnerability.	2022-12-07	7.5	CVE-2022-23487 MISC
protocol — libp2p	go-libp2p is the offical libp2p implementation in the Go programming language. Version `0.18.0` and older of go-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed by the host’s operating system. While a connection manager tasked with keeping the number of connections within manageable limits has been part of go-libp2p, this component was designed to handle the regular churn of peers, not a targeted resource exhaustion attack. Users are advised to upgrade their version of go-libp2p to version `0.18.1` or newer. Users unable to upgrade may consult the denial of service (dos) mitigation page for more information on how to incorporate mitigation strategies, monitor your application, and respond to attacks.	2022-12-08	7.5	CVE-2022-23492 MISC MISC MISC
proxmox — proxmox_mail_gateway	Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the server. Also, in Proxmox Mail Gateway, privilege escalation to the root@pam account is possible if the backup feature has ever been used, because backup files such as pmg-backup_YYYY_MM_DD_*.tgz have 0644 permissions and contain an authkey value. This is fixed in pve-http-server 4.1-3.	2022-12-04	9.8	CVE-2022-35508 MISC MISC MISC MISC
proxmox — proxmox_mail_gateway	A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim’s browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers because they allow injection of response headers with %0d. This is fixed in pve-http-server 4.1-3.	2022-12-04	7.1	CVE-2022-35507 MISC MISC
pulsesecure — pulse_connect_secure	An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.	2022-12-05	7.5	CVE-2022-35254 MISC
pulsesecure — pulse_connect_secure	An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.	2022-12-05	7.5	CVE-2022-35258 MISC
pwndoc_project — pwndoc	An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file.	2022-12-05	8.8	CVE-2022-45771 MISC MISC
py7zr_project — py7zr	A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file.	2022-12-06	9.1	CVE-2022-44900 MISC MISC MISC
quarkus — quarkus	Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in the request.	2022-12-06	9.8	CVE-2022-4147 MISC
rack_project — rack	A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.	2022-12-05	10	CVE-2022-30123 MISC
rack_project — rack	A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.	2022-12-05	7.5	CVE-2022-30122 MISC
rackn — digital_rebar	RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has exposed a privileged token via a public API endpoint (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grant full administrative access.	2022-12-06	9.8	CVE-2022-46383 MISC MISC
rackn — digital_rebar	RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has Insecure Permissions. After signing into Digital Rebar, users are issued authentication tokens tied to their account to perform actions within Digital Rebar. During the validation process of these tokens, Digital Rebar did not check if the user account still exists. Deleted Digital Rebar users could still use their tokens to perform actions within Digital Rebar.	2022-12-06	8.8	CVE-2022-46382 MISC
redmine — redmine	Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.	2022-12-06	7.5	CVE-2022-44030 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.	2022-12-02	9.8	CVE-2022-44945 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in the component /rukovoditel/index.php?module=users/login. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.	2022-12-05	8.8	CVE-2022-45020 MISC
samsung — exynos_firmware	Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call.	2022-12-08	7.5	CVE-2022-39902 MISC
sangoma — asterisk	In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.	2022-12-05	7.5	CVE-2022-37325 MISC
sanitization_management_system_project — sanitization_management_system	Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/view_service&id=.	2022-12-07	7.2	CVE-2022-44393 MISC
seagate — stcg2000300_firmware	The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the “start” state and sending a check_device_name request.	2022-12-06	9.8	CVE-2020-6627 MISC MISC MISC
secomea — gatemanager	Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0.	2022-12-06	7.2	CVE-2022-38123 MISC
simple-git_project — simple-git	The package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. This vulnerability exists due to an incomplete fix of [CVE-2022-24066](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306).	2022-12-06	9.8	CVE-2022-25912 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
simple_phone_book/directory_web_app_project — simple_phone_book/directory_web_app	Simple Phone Book/Directory Web App v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /PhoneBook/edit.php.	2022-12-07	9.8	CVE-2022-45010 MISC
skycaiji — skycaiji	Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.	2022-12-07	9.8	CVE-2022-44351 MISC
slims — senayan_library_management_system	SLiMS 9 Bulian v9.5.0 was discovered to contain a SQL injection vulnerability via the keywords parameter.	2022-12-05	7.5	CVE-2022-45019 MISC
stackstorm — stackstorm	Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn’t check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information.	2022-12-06	7.5	CVE-2022-44009 MISC
swiftterm_project — swiftterm	SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user’s terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. Version a94e6b24d24ce9680ad79884992e1dff8e150a31 contains a patch for this issue. There are no known workarounds available.	2022-12-02	7.8	CVE-2022-23465 MISC MISC
syncee — syncee_-_global_dropshipping	The Syncee WordPress plugin before 1.0.10 leaks the administrator token that can be used to take over the administrator’s account.	2022-12-05	7.5	CVE-2022-3694 MISC
telepad-app — telepad	Telepad allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2022-12-05	9.8	CVE-2022-45477 MISC
telos — omnia_mpx_node_firmware	Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that is requires high privilege to access.	2022-12-02	8.8	CVE-2022-45562 MISC
telosalliance — omnia_mpx_node_firmware	An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* – 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.	2022-12-02	9.8	CVE-2022-43325 MISC
tenda — a18_firmware	Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet.	2022-12-08	7.5	CVE-2022-44931 MISC
tenda — a18_firmware	An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service.	2022-12-08	7.5	CVE-2022-44932 MISC
tenda — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg.	2022-12-02	7.5	CVE-2022-45641 MISC
tenda — i21_firmware	Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.	2022-12-02	9.8	CVE-2022-44362 MISC
tenda — i21_firmware	Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo.	2022-12-02	9.8	CVE-2022-44363 MISC
tenda — i21_firmware	Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd.	2022-12-02	9.8	CVE-2022-44365 MISC
tenda — i21_firmware	Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo.	2022-12-02	9.8	CVE-2022-44366 MISC
tenda — i21_firmware	Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.	2022-12-02	9.8	CVE-2022-44367 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.	2022-12-02	7.5	CVE-2022-45663 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.	2022-12-02	7.5	CVE-2022-45664 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.	2022-12-02	7.5	CVE-2022-45669 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.	2022-12-02	7.5	CVE-2022-45670 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function.	2022-12-02	7.5	CVE-2022-45671 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function.	2022-12-02	7.5	CVE-2022-45672 MISC
tenda — w30e_firmware	Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName.	2022-12-08	9.8	CVE-2022-45506 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the cmdinput parameter at /goform/exeCommand.	2022-12-08	7.5	CVE-2022-45505 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the editNameMit parameter at /goform/editFileName.	2022-12-08	7.5	CVE-2022-45507 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the new_account parameter at /goform/editUserName.	2022-12-08	7.5	CVE-2022-45508 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the account parameter at /goform/addUserName.	2022-12-08	7.5	CVE-2022-45509 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the mit_ssid_index parameter at /goform/AdvSetWrlsafeset.	2022-12-08	7.5	CVE-2022-45510 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the PPPOEPassword parameter at /goform/QuickIndex.	2022-12-08	7.5	CVE-2022-45511 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeEmailFilter.	2022-12-08	7.5	CVE-2022-45512 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/P2pListFilter.	2022-12-08	7.5	CVE-2022-45513 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/webExcptypemanFilter.	2022-12-08	7.5	CVE-2022-45514 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the entries parameter at /goform/addressNat.	2022-12-08	7.5	CVE-2022-45515 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/NatStaticSetting.	2022-12-08	7.5	CVE-2022-45516 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/VirtualSer.	2022-12-08	7.5	CVE-2022-45517 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SetIpBind.	2022-12-08	7.5	CVE-2022-45518 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the Go parameter at /goform/SafeMacFilter.	2022-12-08	7.5	CVE-2022-45519 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/qossetting.	2022-12-08	7.5	CVE-2022-45520 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeUrlFilter.	2022-12-08	7.5	CVE-2022-45521 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeClientFilter.	2022-12-08	7.5	CVE-2022-45522 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/L7Im.	2022-12-08	7.5	CVE-2022-45523 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the opttype parameter at /goform/IPSECsave.	2022-12-08	7.5	CVE-2022-45524 MISC
tenda — w30e_firmware	Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the downaction parameter at /goform/CertListInfo.	2022-12-08	7.5	CVE-2022-45525 MISC
tenda — w6-s_firmware	Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand.	2022-12-08	9.8	CVE-2022-45497 MISC
tenda — w6-s_firmware	An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device.	2022-12-08	7.5	CVE-2022-45498 MISC
tenda — w6-s_firmware	Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/WifiMacFilterGet.	2022-12-08	7.5	CVE-2022-45499 MISC
tenda — w6-s_firmware	Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/wifiSSIDset.	2022-12-08	7.5	CVE-2022-45501 MISC
tenda — w6-s_firmware	Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the linkEn parameter at /goform/setAutoPing.	2022-12-08	7.5	CVE-2022-45503 MISC
tenda — w6-s_firmware	An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device.	2022-12-08	7.5	CVE-2022-45504 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function.	2022-12-02	7.5	CVE-2022-45643 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.	2022-12-02	7.5	CVE-2022-45644 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function.	2022-12-02	7.5	CVE-2022-45645 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function.	2022-12-02	7.5	CVE-2022-45646 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.	2022-12-02	7.5	CVE-2022-45647 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.	2022-12-02	7.5	CVE-2022-45648 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function.	2022-12-02	7.5	CVE-2022-45649 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.	2022-12-02	7.5	CVE-2022-45650 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.	2022-12-02	7.5	CVE-2022-45651 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.	2022-12-02	7.5	CVE-2022-45652 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.	2022-12-02	7.5	CVE-2022-45653 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.	2022-12-02	7.5	CVE-2022-45654 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function.	2022-12-02	7.5	CVE-2022-45655 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.	2022-12-02	7.5	CVE-2022-45656 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.	2022-12-02	7.5	CVE-2022-45657 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function.	2022-12-02	7.5	CVE-2022-45658 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.	2022-12-02	7.5	CVE-2022-45659 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.	2022-12-02	7.5	CVE-2022-45660 MISC
tendacn — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.	2022-12-02	7.5	CVE-2022-45661 MISC
thinkphp — thinkphp	Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell.	2022-12-06	8.8	CVE-2022-44289 MISC
tibco — nimbus	The Web Client component of TIBCO Software Inc.’s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s TIBCO Nimbus: version 10.5.0.	2022-12-06	9.3	CVE-2022-41559 CONFIRM
ui — edgemax_edgerouter_firmware	A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.	2022-12-05	8.8	CVE-2022-43553 MISC
unimo — udr-ja1604_firmware	Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71×10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.	2022-12-07	8.8	CVE-2022-43464 MISC MISC
unimo — udr-ja1604_firmware	OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71×10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.	2022-12-07	8.8	CVE-2022-44606 MISC MISC
unimo — udr-ja1604_firmware	Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71×10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.	2022-12-07	8.8	CVE-2022-44620 MISC MISC
veeam — veeam_backup_for_google_cloud	Improper authentication in Veeam Backup for Google Cloud v1.0 and v3.0 allows attackers to bypass authentication mechanisms.	2022-12-05	9.8	CVE-2022-43549 MISC
veritas — netbackup_flex_scale_appliance	An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal.	2022-12-04	9.8	CVE-2022-46414 MISC
veritas — netbackup_flex_scale_appliance	An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands.	2022-12-04	8.8	CVE-2022-46410 MISC
veritas — netbackup_flex_scale_appliance	An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges.	2022-12-04	8.8	CVE-2022-46411 MISC
veritas — netbackup_flex_scale_appliance	An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escape a restricted shell and execute privileged commands.	2022-12-04	8.8	CVE-2022-46412 MISC
veritas — netbackup_flex_scale_appliance	An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal.	2022-12-04	8.8	CVE-2022-46413 MISC
videolan — vlc_media_player	An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.	2022-12-06	7.8	CVE-2022-41325 MISC MISC MISC DEBIAN
vim — vim	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.	2022-12-03	9.8	CVE-2022-3491 CONFIRM MISC
vim — vim	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.	2022-12-02	9.8	CVE-2022-3520 MISC CONFIRM
vim — vim	Use After Free in GitHub repository vim/vim prior to 9.0.0789.	2022-12-02	7.8	CVE-2022-3591 MISC CONFIRM
vim — vim	Use After Free in GitHub repository vim/vim prior to 9.0.0882.	2022-12-05	7.8	CVE-2022-4292 CONFIRM MISC
warehouse_management_system_project — warehouse_management_system	A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by this issue is some unknown functionality of the file /product/savenewproduct.php?flag=1. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214760.	2022-12-03	9.8	CVE-2022-4272 MISC MISC
webtareas_project — webtareas	webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.	2022-12-02	9.8	CVE-2022-44290 MISC MISC
webtareas_project — webtareas	webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.	2022-12-02	9.8	CVE-2022-44291 MISC MISC
wordpress_popular_posts_project — wordpress_popular_posts	External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulated through a crafted input.	2022-12-07	7.5	CVE-2022-43468 MISC MISC MISC
wp-ecommerce — easy_wp_smtp	Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress.	2022-12-06	8.8	CVE-2022-42699 MISC
wp-ecommerce — easy_wp_smtp	Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 at WordPress.	2022-12-06	8.1	CVE-2022-45829 MISC
wp_csv_exporter_project — wp_csv_exporter	The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks	2022-12-05	7.2	CVE-2022-3249 MISC
xjd2020 — fastcms	A vulnerability was found in FastCMS. It has been rated as critical. This issue affects some unknown processing of the file /template/edit of the component Template Handler. The manipulation leads to injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214901 was assigned to this vulnerability.	2022-12-06	8.8	CVE-2022-4300 N/A N/A MISC
yithemes — yith_woocommerce_gift_cards	Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin <= 3.19.0 on WordPress.	2022-12-06	9.8	CVE-2022-45359 MISC
zabbix — frontend	Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range.	2022-12-05	9.8	CVE-2022-43515 MISC
zabbix — zabbix	A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)	2022-12-05	9.8	CVE-2022-43516 MISC
zimbra — collaboration	An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution.	2022-12-05	7.2	CVE-2022-45912 MISC
zkteco — zktime	A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0 through 11.1.0, builds 20180901, 20190510.1, 20200309.3, 20200930, 20201231, and 20210220.	2022-12-06	7.5	CVE-2021-39434 MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
2kblater — 2kb_amazon_affiliates_store	Reflected Cross-Site Scripting (XSS) vulnerability in 2kb Amazon Affiliates Store plugin <=2.1.5 on WordPress.	2022-12-04	6.1	CVE-2022-40968 MISC
add_comments_project — add_comments	The Add Comments WordPress plugin through 1.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-05	4.8	CVE-2022-3909 MISC
addonspress — advanced_import	The Advanced Import WordPress plugin before 1.3.8 does not have CSRF check when installing and activating plugins, which could allow attackers to make a logged in admin install arbitrary plugins from WordPress.org, and activate arbitrary ones from the blog via CSRF attacks	2022-12-05	6.5	CVE-2022-3677 MISC
advanced_wp_columns_project — advanced_wp_columns	The Advanced WP Columns WordPress plugin through 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-05	4.8	CVE-2022-3426 MISC
apache — commons_net	Prior to Apache Commons Net 3.9.0, Net’s FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.	2022-12-03	6.5	CVE-2021-37533 CONFIRM MLIST
auto/taxi_stand_management_system_project — auto/taxi_stand_management_system	AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php.	2022-12-06	6.1	CVE-2022-43369 MISC MISC
awstats — awstats	AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.	2022-12-04	6.1	CVE-2022-46391 MISC MLIST
bd — bodyguard_999-603_firmware	The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.	2022-12-05	5.3	CVE-2022-43557 MISC
beappsmobile — pc_keyboard_wifi_&_bluetooth	PC Keyboard WiFi & Bluetooth allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	2022-12-02	5.9	CVE-2022-45480 MISC
beetl-bbs_project — beetl-bbs	A vulnerability was found in xiandafu beetl-bbs. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file WebUtils.java. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215107.	2022-12-08	5.4	CVE-2022-4347 N/A N/A
book_store_management_system_project — book_store_management_system	A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module.	2022-12-02	5.4	CVE-2022-45215 MISC MISC
book_store_management_system_project — book_store_management_system	A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module.	2022-12-07	5.4	CVE-2022-45217 MISC MISC
clicshopping — clicshopping_v3	A cross-site scripting (XSS) vulnerability in ClicShopping_V3 v3.402 allows attackers to execute arbitrary web scripts or HTML via a crafted URL parameter.	2022-12-05	6.1	CVE-2022-45769 MISC
concretecms — concrete_cms	Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XSS in the text input field since the result dashboard page output is not sanitized. The Concrete CMS security team has ranked this 4.2 with CVSS v3.1 vector AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Thanks @_akbar_jafarli_ for reporting. Remediate by updating to Concrete CMS 8.5.10 and Concrete CMS 9.1.3.	2022-12-05	6.1	CVE-2022-43556 MISC MISC MISC
contest-gallery — contest_gallery	Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress.	2022-12-06	6.1	CVE-2022-45848 MISC
crowdstrike — falcon	CrowdStrike Falcon 6.44.15806 allows an administrative attacker to uninstall Falcon Sensor, bypassing the intended protection mechanism in which uninstallation requires possessing a one-time token. (The sensor is managed at the kernel level.)	2022-12-04	4.9	CVE-2022-44721 MISC
dev4press — gd_bbpress_attachments	Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress.	2022-12-06	5.4	CVE-2022-45816 MISC
discourse — discourse	Discourse is an open-source discussion platform. In version 2.8.13 and prior on the `stable` branch and version 2.9.0.beta14 and prior on the `beta` and `tests-passed` branches, any authenticated user can create an unlisted topic. These topics, which are not readily available to other users, can take up unnecessary site resources. A patch for this issue is available in the `main` branch of Discourse. There are no known workarounds available.	2022-12-02	4.3	CVE-2022-46159 MISC MISC
duxcms_project — duxcms	A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215115.	2022-12-08	5.4	CVE-2020-36609 MISC MISC
ecommerce-website_project — ecommerce-website	A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter.	2022-12-05	6.1	CVE-2022-45990 MISC
elbtide — advanced_booking_calendar	Cross-Site Request Forgery (CSRF) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.	2022-12-05	6.5	CVE-2022-45824 MISC
enhancesoft — osticket	Cross-site Scripting (XSS) – Reflected in GitHub repository osticket/osticket prior to 1.16.4.	2022-12-02	5.4	CVE-2022-4271 CONFIRM MISC
fortinet — fortiadc	Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to retrieve files with specific extension from the underlying Linux system via crafted HTTP requests.	2022-12-06	6.5	CVE-2022-33876 MISC
fortinet — fortios	A improper neutralization of input during web page generation (‘cross-site scripting’) in Fortinet FortiOS 6.0.7 – 6.0.15, 6.2.2 – 6.2.12, 6.4.0 – 6.4.9 and 7.0.0 – 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages.	2022-12-06	5.4	CVE-2022-40680 MISC
fortinet — fortisoar	Improper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.	2022-12-06	5.4	CVE-2022-38379 MISC
fsi — fs040u_firmware	Plaintext storage of a password vulnerability exists in +F FS040U software versions v2.3.4 and earlier, which may allow an attacker to obtain the login password of +F FS040U and log in to the management console.	2022-12-05	4.6	CVE-2022-43442 MISC MISC MISC MISC MISC
google — android	In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207.	2022-12-05	6.7	CVE-2022-32594 MISC
google — android	In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.	2022-12-05	6.7	CVE-2022-32596 MISC
google — android	In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.	2022-12-05	6.7	CVE-2022-32597 MISC
google — android	In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.	2022-12-05	6.7	CVE-2022-32598 MISC
google — android	In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659.	2022-12-05	6.7	CVE-2022-32619 MISC
google — android	In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753.	2022-12-05	6.7	CVE-2022-32620 MISC
google — android	In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; Issue ID: ALPS07363786.	2022-12-05	6.7	CVE-2022-32622 MISC
google — android	In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405923; Issue ID: ALPS07405923.	2022-12-05	6.7	CVE-2022-32624 MISC
google — android	In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ID: ALPS07326216.	2022-12-05	6.7	CVE-2022-32625 MISC
google — android	In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326239; Issue ID: ALPS07326239.	2022-12-05	6.7	CVE-2022-32626 MISC
google — android	In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310780; Issue ID: ALPS07310780.	2022-12-05	6.7	CVE-2022-32628 MISC
google — android	In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310774; Issue ID: ALPS07310774.	2022-12-05	6.7	CVE-2022-32629 MISC
google — android	In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405966; Issue ID: ALPS07405966.	2022-12-05	6.7	CVE-2022-32630 MISC
google — android	In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613.	2022-12-05	6.7	CVE-2022-32631 MISC
google — android	In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441630; Issue ID: ALPS07441630.	2022-12-05	6.7	CVE-2022-32632 MISC
google — android	In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07441637.	2022-12-05	6.7	CVE-2022-32633 MISC
google — android	In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646.	2022-12-05	6.7	CVE-2022-32634 MISC
google — android	In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310829.	2022-12-05	6.4	CVE-2022-32621 MISC
google — android	In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.	2022-12-06	5.5	CVE-2022-39106 MISC
google — android	In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.	2022-12-06	5.5	CVE-2022-39129 MISC
google — android	In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.	2022-12-06	5.5	CVE-2022-39130 MISC
google — android	In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.	2022-12-06	5.5	CVE-2022-39131 MISC
google — android	In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.	2022-12-06	5.5	CVE-2022-39132 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-39133 MISC
google — android	Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.	2022-12-08	5.5	CVE-2022-39897 MISC
google — android	Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.	2022-12-08	5.5	CVE-2022-39905 MISC
google — android	In npu driver, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel.	2022-12-06	5.5	CVE-2022-42754 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42755 MISC
google — android	In sensor driver, there is a possible buffer overflow due to a missing bounds check. This could lead to local denial of service in kernel.	2022-12-06	5.5	CVE-2022-42756 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42759 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42760 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42761 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42762 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42763 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42764 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42765 MISC
google — android	In wlan driver, there is a possible missing permission check, This could lead to local information disclosure.	2022-12-06	5.5	CVE-2022-42766 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42772 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42773 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42774 MISC
google — android	In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.	2022-12-06	5.5	CVE-2022-42775 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42779 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42780 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	5.5	CVE-2022-42781 MISC
google — android	In wlan driver, there is a possible missing permission check, This could lead to local information disclosure.	2022-12-06	5.5	CVE-2022-42782 MISC
google — android	In audio driver, there is a use after free due to a race condition. This could lead to local denial of service in kernel.	2022-12-06	4.7	CVE-2022-39134 MISC
google — android	In wlan driver, there is a race condition, This could lead to local denial of service in wlan services.	2022-12-06	4.7	CVE-2022-42770 MISC
google — android	In wlan driver, there is a race condition, This could lead to local denial of service in wlan services.	2022-12-06	4.7	CVE-2022-42771 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	4.3	CVE-2022-42768 MISC
haxx — curl	curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.	2022-12-05	6.5	CVE-2022-35260 MISC
human_resource_management_system_project — human_resource_management_system	A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214776.	2022-12-03	6.1	CVE-2022-4279 N/A N/A
ibm — business_automation_workflow	IBM Business Process Manager 21.0.1 through 21.0.3.1, 20.0.0.1 through 20.0.0.2 19.0.0.1 through 19.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 65687.	2022-12-07	6.1	CVE-2022-41735 MISC MISC
ilias — ilias	ILIAS before 7.16 allows External Control of File Name or Path.	2022-12-07	6.5	CVE-2022-45918 MISC FULLDISC MISC
ilias — ilias	ILIAS before 7.16 has an Open Redirect.	2022-12-07	6.1	CVE-2022-45917 MISC FULLDISC MISC
ilias — ilias	ILIAS before 7.16 allows XSS.	2022-12-07	5.4	CVE-2022-45916 MISC FULLDISC MISC
ivanti — endpoint_manager	ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper permission settings, an attacker with high permissions could use this vulnerability to maliciously delete and modify files.	2022-12-05	6.5	CVE-2022-23143 MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘datef’ parameter on the ‘chainedquiz_list’ page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.	2022-12-02	6.1	CVE-2022-4208 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘pointsf’ parameter on the ‘chainedquiz_list’ page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.	2022-12-02	6.1	CVE-2022-4209 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dnf’ parameter on the ‘chainedquiz_list’ page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.	2022-12-02	6.1	CVE-2022-4210 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ’emailf’ parameter on the ‘chainedquiz_list’ page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.	2022-12-02	6.1	CVE-2022-4211 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ipf’ parameter on the ‘chainedquiz_list’ page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.	2022-12-02	6.1	CVE-2022-4212 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’ parameter on the ‘chainedquiz_list’ page in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.	2022-12-02	6.1	CVE-2022-4213 MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ip’ parameter on the ‘chainedquiz_list’ page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.	2022-12-02	6.1	CVE-2022-4214 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘date’ parameter on the ‘chainedquiz_list’ page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.	2022-12-02	6.1	CVE-2022-4215 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘facebook_appid’ parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.	2022-12-02	4.8	CVE-2022-4216 MISC MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘api_key’ parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.	2022-12-02	4.8	CVE-2022-4217 MISC MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the list_quizzes() function. This makes it possible for unauthenticated attackers to delete quizzes and copy quizzes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	2022-12-02	4.3	CVE-2022-4218 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the manage() function. This makes it possible for unauthenticated attackers to delete submitted quiz responses via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	2022-12-02	4.3	CVE-2022-4219 MISC MISC MISC
kibokolabs — chained_quiz	The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the list_questions() function. This makes it possible for unauthenticated attackers to delete questions from quizzes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	2022-12-02	4.3	CVE-2022-4220 MISC MISC MISC MISC
kwoksys — information_server	An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks.	2022-12-06	4.9	CVE-2022-45326 MISC MISC
kyocera — taskalfa_7550ci_firmware	Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.	2022-12-05	6.5	CVE-2022-41798 MISC MISC MISC
kyocera — taskalfa_7550ci_firmware	Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.	2022-12-05	6.5	CVE-2022-41807 MISC MISC MISC
kyocera — taskalfa_7550ci_firmware	Stored cross-site scripting vulnerability in Kyocera Document Solutions MFPs and printers allows a remote authenticated attacker with an administrative privilege to inject arbitrary script. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.	2022-12-05	4.8	CVE-2022-41830 MISC MISC MISC
lazy_mouse_project — lazy_mouse	Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	2022-12-02	5.9	CVE-2022-45483 MISC
linux — linux_kernel	A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action “mirred”) a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.	2022-12-05	5.5	CVE-2022-4269 MISC
mingsoft — mcms	A vulnerability, which was classified as problematic, was found in Mingsoft MCMS 5.2.8. Affected is an unknown function of the file search.do. The manipulation of the argument content_title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215112.	2022-12-08	6.1	CVE-2022-4350 MISC MISC
oceanwp — sticky_header	Cross-Site Request Forgery (CSRF) vulnerability in Oceanwp sticky header plugin <= 1.0.8 on WordPress.	2022-12-04	6.5	CVE-2022-35730 MISC
online_leave_management_system_project — online_leave_management_system	Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /leave_system/admin/?page=maintenance/department. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted payload injected into the Name field under the Create New module.	2022-12-07	4.8	CVE-2022-45008 MISC
openrazer_project — openrazer	OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the `razer_attr_read_dpi_stages`, potentially bypassing KASLR. To exploit this vulnerability an attacker would need to access to a users keyboard or mouse or would need to convince a user to use a modified device. The issue has been patched in v3.5.1. Users are advised to upgrade and should be reminded not to plug in unknown USB devices.	2022-12-05	4.6	CVE-2022-23467 MISC MISC
pinterest — querybook	Querybook is an open source data querying UI. In affected versions user provided data is not escaped in the error field of the auth callback url in `querybook/server/app/auth/oauth_auth.py` and `querybook/server/app/auth/okta_auth.py`. This may allow attackers to perform reflected cross site scripting (XSS) if Content Security Policy (CSP) is not enabled or `unsafe-inline` is allowed. Users are advised to upgrade to the latest, patched version of querybook (version 3.14.2 or greater). Users unable to upgrade may enable CSP and not allow unsafe-inline or manually escape query parameters in a reverse proxy.	2022-12-06	6.1	CVE-2022-46151 MISC MISC
pwn_project — pwn	A vulnerability classified as problematic has been found in CTF-hacker pwn. This affects an unknown part of the file delete.html. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215109 was assigned to this vulnerability.	2022-12-08	6.8	CVE-2022-4349 N/A N/A
rapidscada — rapid_scada	Rapid Software LLC Rapid SCADA 5.8.4 is vulnerable to Cross Site Scripting (XSS).	2022-12-07	6.1	CVE-2022-44153 MISC
ricoh — aficio_sp_4210n_firmware	Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.	2022-12-07	4.8	CVE-2022-37406 MISC MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.	2022-12-02	5.4	CVE-2022-44944 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.	2022-12-02	5.4	CVE-2022-44946 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note field after clicking “Add”.	2022-12-02	5.4	CVE-2022-44947 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Entities Group feature at/index.php?module=entities/entities_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking “Add”.	2022-12-02	5.4	CVE-2022-44948 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field.	2022-12-02	5.4	CVE-2022-44949 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.	2022-12-02	5.4	CVE-2022-44950 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.	2022-12-02	5.4	CVE-2022-44951 MISC MISC
rukovoditel — rukovoditel	Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking “Add”.	2022-12-02	5.4	CVE-2022-44952 MISC MISC
ruoyi — ruoyi-cloud	A vulnerability was found in y_project RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215108.	2022-12-08	6.1	CVE-2022-4348 N/A N/A
salonbookingsystem — salon_booking_system	Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script.	2022-12-05	6.1	CVE-2022-43487 MISC MISC MISC
sangoma — asterisk	An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the asterisk configuration directory, aka Directory Traversal.	2022-12-05	4.9	CVE-2022-42706 MISC
sangoma — certified_asterisk	A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription.	2022-12-05	6.5	CVE-2022-42705 MISC
ss-proj — shirasagi	Open redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allows a remote unauthenticated attacker to redirect users to an arbitrary web site and conduct a phishing attack.	2022-12-05	6.1	CVE-2022-43479 MISC MISC MISC MISC
ss-proj — shirasagi	Stored cross-site scripting vulnerability in SHIRASAGI versions prior to v1.16.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.	2022-12-05	5.4	CVE-2022-43499 MISC MISC MISC MISC
stackstorm — stackstorm	Cross-site scripting (XSS) vulnerability in the Web UI of StackStorm versions prior to 3.8.0 allowed logged in users with write access to pack rules to inject arbitrary script or HTML that may be executed in Web UI for other logged in users.	2022-12-05	5.4	CVE-2022-43706 MISC
telegram — telegram	DISPUTED Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.	2022-12-06	6.1	CVE-2022-43363 MISC MISC
telepad-app — telepad	Telepad allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	2022-12-05	5.9	CVE-2022-45478 MISC
teler_project — teler	teler is an real-time intrusion detection and threat alert dashboard. teler prior to version 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting (XSS) in the teler dashboard. When teler requests messages from the event stream on the `/events` endpoint, the log data displayed on the dashboard are not sanitized. This only affects authenticated users and can only be exploited based on detected threats if the log contains a DOM scripting payload. This vulnerability has been fixed on version `v2.0.0-rc.4`. Users are advised to upgrade. There are no known workarounds for this vulnerability.	2022-12-06	5.4	CVE-2022-23466 MISC MISC
tenda — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.	2022-12-02	6.5	CVE-2022-45673 MISC
tenda — ac6_firmware	Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.	2022-12-02	6.5	CVE-2022-45674 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.	2022-12-02	6.5	CVE-2022-45667 MISC
tenda — i22_firmware	Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.	2022-12-02	6.5	CVE-2022-45668 MISC
themeum — wp_page_builder	The WP Page Builder WordPress plugin through 1.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-05	4.8	CVE-2022-3830 MISC
tibco — nimbus	The Statement Set Upload via the Web Client component of TIBCO Software Inc.’s TIBCO Nimbus contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a Denial of Service Attack on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Nimbus: version 10.5.0.	2022-12-06	6.5	CVE-2022-41560 CONFIRM
tomexam — tomexam	Cross Site Scripting (XSS) vulnerability in TomExam 3.0 via p_name parameter to list.thtml.	2022-12-05	5.4	CVE-2021-34181 MISC
tp-link — re3000_firmware	tdpServer of TP-Link RE300 V1 improperly processes its input, which may allow an attacker to cause a denial-of-service (DoS) condition of the product’s OneMesh function.	2022-12-07	5.5	CVE-2022-41783 MISC MISC
tp-link — tl-wr740n_firmware	A vulnerability classified as problematic has been found in TP-Link TL-WR740N. Affected is an unknown function of the component ARP Handler. The manipulation leads to resource consumption. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214812.	2022-12-06	5.5	CVE-2022-4296 MISC MISC
user_registration_&_user_management_system_project — user_registration_&_user_management_system	Phpgurukul User Registration & User Management System v3.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the registration form & login pages.	2022-12-05	5.4	CVE-2022-43097 MISC
vim — vim	Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.	2022-12-05	5.5	CVE-2022-4293 CONFIRM MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /linkedcontent/listfiles.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking “Add”.	2022-12-02	5.4	CVE-2022-44953 MISC MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking “Add”.	2022-12-02	5.4	CVE-2022-44954 MISC MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field.	2022-12-02	5.4	CVE-2022-44955 MISC MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /projects/listprojects.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.	2022-12-02	5.4	CVE-2022-44956 MISC MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.	2022-12-02	5.4	CVE-2022-44957 MISC MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.	2022-12-02	5.4	CVE-2022-44959 MISC MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field.	2022-12-02	5.4	CVE-2022-44960 MISC MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.	2022-12-02	5.4	CVE-2022-44961 MISC MISC
webtareas_project — webtareas	webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject field.	2022-12-02	5.4	CVE-2022-44962 MISC MISC
wordpress — wordpress	Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script .	2022-12-05	6.1	CVE-2022-43497 MISC MISC MISC
wordpress — wordpress	Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script .	2022-12-05	6.1	CVE-2022-43500 MISC MISC MISC
wordpress — wordpress	Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature.	2022-12-05	5.3	CVE-2022-43504 MISC MISC MISC
wp-ecommerce — easy_wp_smtp	Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress.	2022-12-06	6.5	CVE-2022-45833 MISC
wp-oauth — wp_oauth_server	The WP OAuth Server (OAuth Authentication) WordPress plugin before 3.4.2 does not have CSRF check when regenerating secrets, which could allow attackers to make logged in admins regenerate the secret of an arbitrary client given they know the client ID	2022-12-05	6.5	CVE-2022-3926 MISC
wp-oauth — wp_oauth_server	The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.2 does not sanitize and escape Client IDs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)	2022-12-05	4.8	CVE-2022-3892 MISC
wpmanage — uji_countdown	The Uji Countdown WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-05	4.8	CVE-2022-3837 MISC
wpupper_share_buttons_project — wpupper_share_buttons	The WPUpper Share Buttons WordPress plugin through 3.42 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).	2022-12-05	4.8	CVE-2022-3838 MISC
xylusthemes — wp_smart_import	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.	2022-12-06	6.1	CVE-2022-40209 MISC
zyxel — atp800_firmware	A cross-site scripting (XSS) vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. Then, the attacker could gain access to some browser-based information if the malicious script is executed on the victim’s browser.	2022-12-06	6.1	CVE-2022-40603 CONFIRM
zzcms — zzcms	An issue was discovered in ZZCMS 2022. There is a cross-site scripting (XSS) vulnerability in admin/ad_list.php.	2022-12-07	5.4	CVE-2022-44361 MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
google — android	Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.	2022-12-08	3.3	CVE-2022-39894 MISC
google — android	Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.	2022-12-08	3.3	CVE-2022-39895 MISC
google — android	Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.	2022-12-08	3.3	CVE-2022-39896 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	3.3	CVE-2022-42757 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	3.3	CVE-2022-42758 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	3.3	CVE-2022-42767 MISC
google — android	In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.	2022-12-06	3.3	CVE-2022-42769 MISC
hitachi — jp1/automatic_operation	Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01.	2022-12-06	3.3	CVE-2022-34881 MISC
m-files — m-files_server	Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally.	2022-12-02	2.6	CVE-2022-4270 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
akeneo_pim — akeneo_pim	Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions aforementioned provides patched Apache HTTP server configuration file, for docker setup and in documentation sample, to fix this vulnerability. Community Edition users must change their Apache HTTP server configuration accordingly to be protected. The patch for Cloud Based Akeneo PIM Services customers has been applied since 30th October 2022. Users are advised to upgrade. Users unable to upgrade may Replace any reference to `<FilesMatch .php$>` in their apache httpd configurations with: `<Location “/index.php”>`.	2022-12-09	not yet calculated	CVE-2022-46157 MISC MISC
apache — manifoldcf	Improper neutralization of special elements used in an LDAP query (‘LDAP Injection’) vulnerability in ActiveDirectory and Sharepoint ActiveDirectory authority connectors of Apache ManifoldCF allows an attacker to manipulate the LDAP search queries (DoS, additional queries, filter manipulation) during user lookup, if the username or the domain string are passed to the UserACLs servlet without validation. This issue affects Apache ManifoldCF version 2.23 and prior versions.	2022-12-07	not yet calculated	CVE-2022-45910 MISC
aruba — airwave_management_platform	Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.	2022-12-08	not yet calculated	CVE-2022-37916 MISC
aruba — airwave_management_platform	Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.	2022-12-08	not yet calculated	CVE-2022-37917 MISC
aruba — airwave_management_platform	Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.	2022-12-08	not yet calculated	CVE-2022-37918 MISC
automotive_shop_management_system — automotive_shop_management_system	Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /services/view_service.php.	2022-12-09	not yet calculated	CVE-2022-44838 MISC
baota — baota	In BAOTA linux panel there exists a stored xss vulnerability attackers can use to obtain sensitive information via the log analysis feature.	2022-12-09	not yet calculated	CVE-2022-4336 MISC
basercms — basercms	Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.	2022-12-07	not yet calculated	CVE-2022-41994 MISC MISC
basercms — basercms	Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.	2022-12-07	not yet calculated	CVE-2022-42486 MISC MISC
broadcom — brocade_fabric_os	A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address.	2022-12-08	not yet calculated	CVE-2022-33186 MISC
broadcom — brocade_sannav	Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.	2022-12-09	not yet calculated	CVE-2022-33187 MISC
broadcom — symantec_messaging_gateway	An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column)	2022-12-09	not yet calculated	CVE-2022-25629 MISC
broadcom — symantec_messaging_gateway	An authenticated user can embed malicious content with XSS into the admin group policy page.	2022-12-09	not yet calculated	CVE-2022-25630 MISC
buffalo_inc — multiple_products	Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WLI-TX4-AG300N firmware Ver. 1.53 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WZR2-G108 firmware Ver. 1.33 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, and WZR-HP-G450H firmware Ver. 1.90 and earlier.	2022-12-07	not yet calculated	CVE-2022-39044 MISC MISC
buffalo_inc — multiple_products	Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier.	2022-12-07	not yet calculated	CVE-2022-40966 MISC MISC
buffalo_inc — multiple_products	Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, and WZR-D1100H firmware Ver. 2.00 and earlier.	2022-12-07	not yet calculated	CVE-2022-34840 MISC MISC
buildah — buildah	A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.	2022-12-08	not yet calculated	CVE-2022-4122 MISC MISC
buildah — buildah	A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.	2022-12-08	not yet calculated	CVE-2022-4123 MISC
canon_medical_informatics — vitrea_vision	Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter.	2022-12-09	not yet calculated	CVE-2022-38765 MISC
certifi — certifi	Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from “TrustCor” from the root store. These are in the process of being removed from Mozilla’s trust store. TrustCor’s root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor’s ownership also operated a business that produced spyware. Conclusions of Mozilla’s investigation can be found in the linked google group discussion.	2022-12-07	not yet calculated	CVE-2022-23491 MISC MISC
chicken — chicken	egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.	2022-12-10	not yet calculated	CVE-2022-45145 MISC MISC MISC
codecentric– spring-boot-admin	Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. Users unable to upgrade may disable any notifier or disable write access (POST request) on `/env` actuator endpoint.	2022-12-09	not yet calculated	CVE-2022-46166 MISC MISC
containerd — containerd	containerd is an open source container runtime. A bug was found in containerd’s CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user’s process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd’s CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permissions to execute commands in running containers.	2022-12-07	not yet calculated	CVE-2022-23471 MISC MISC
csliuwy — coder-chain_gdut	A vulnerability has been found in csliuwy coder-chain_gdut and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /back/index.php/user/User/?1. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215095.	2022-12-07	not yet calculated	CVE-2022-4341 N/A N/A
cube-js — cube-js	cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade to 0.31.24 or to downgrade to 0.31.22. There are no known workarounds for this vulnerability.	2022-12-09	not yet calculated	CVE-2022-23510 MISC MISC MISC
daloradius — daloradius	daloRADIUS is an open source RADIUS web management application. daloRadius 1.3 and prior are vulnerable to a combination cross site scripting (XSS) and cross site request forgery (CSRF) vulnerability which leads to account takeover in the mng-del.php file because of an unescaped variable reflected in the DOM on line 116. This issue has been addressed in commit `ec3b4a419e`. Users are advised to manually apply the commit in order to mitigate this issue. Users may also mitigate this issue with in two parts 1) The CSRF vulnerability can be mitigated by making the daloRadius session cookie to samesite=Lax or by the implimentation of a CSRF token in all forms. 2) The XSS vulnerability may be mitigated by escaping it or by introducing a Content-Security policy.	2022-12-06	not yet calculated	CVE-2022-23475 MISC MISC
dhis2 — dhis2-core	DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. Through various features of DHIS2, an authenticated user may be able to upload a file which includes embedded javascript. The user could then potentially trick another authenticated user to open the malicious file in a browser which would trigger the javascript code, resulting in a cross-site scripting (XSS) attack. DHIS2 administrators should upgrade to the following hotfix releases: 2.36.12.1, 2.37.8.1, 2.38.2.1, 2.39.0.1. Users unable to upgrade may add the following simple CSP rule in your web proxy to the vulnerable endpoints: `script-src ‘none’`. This workaround will prevent all javascript from running on those endpoints.	2022-12-08	not yet calculated	CVE-2022-41947 MISC MISC
dhis2 — dhis2-core	DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. Affected versions are subject to a privilege escalation vulnerability. A DHIS2 user with authority to manage users can assign superuser privileges to themself by manually crafting an HTTP PUT request. Only users with the following DHIS2 user role authorities can exploit this vulnerability. Note that in many systems the only users with user admin privileges are also superusers. In these cases, the escalation vulnerability does not exist. The vulnerability is only exploitable by attackers who can authenticate as users with the user admin authority. As this is usually a small and relatively trusted set of users, exploit vectors will often be limited. DHIS2 administrators should upgrade to the following hotfix releases: 2.36.12.1, 2.37.8.1, 2.38.2.1, 2.39.0.1. The only known workaround to this issue is to avoid the assignment of the user management authority to any users until the patch has been applied.	2022-12-08	not yet calculated	CVE-2022-41948 MISC
dhis2 — dhis2-core	DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources (like third party servers). This could allow an attacker, for example, to identify vulnerable services which might not be otherwise exposed to the public internet or to determine whether a specific file is present on the DHIS2 server. DHIS2 administrators should upgrade to the following hotfix releases: 2.36.12.1, 2.37.8.1, 2.38.2.1, 2.39.0.1. At this time, there is no known workaround or mitigation for this vulnerability.	2022-12-08	not yet calculated	CVE-2022-41949 MISC MISC
f5 — big-ip	In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.	2022-12-07	not yet calculated	CVE-2022-41800 MISC
freshrss — freshrss	FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords (brypt with cost 9, salted) of FreshRSS Web interface. If the API is used, the configuration might contain a hashed password (brypt with cost 9, salted) of the GReader API, and a hashed password (MD5 salted) of the Fever API. Users should update to version 1.20.2 or edge. Users unable to upgrade can apply the patch manually or delete the file `./FreshRSS/p/ext.php`.	2022-12-09	not yet calculated	CVE-2022-23497 MISC MISC MISC
funkwhale — funkwhale	User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.	2022-12-09	not yet calculated	CVE-2022-45292 MISC
go-merkledag — go-merkledag	go-merkledag implements the ‘DAGService’ interface and adds two ipld node types, Protobuf and Raw for the ipfs project. A `ProtoNode` may be modified in such a way as to cause various encode errors which will trigger a panic on common method calls that don’t allow for error returns. A `ProtoNode` should only be able to encode to valid DAG-PB, attempting to encode invalid DAG-PB forms will result in an error from the codec. Manipulation of an existing (newly created or decoded) `ProtoNode` using the modifier methods did not account for certain states that would place the `ProtoNode` into an unencodeable form. Due to conformance with the [`github.com/ipfs/go-block-format#Block`](https://pkg.go.dev/github.com/ipfs/go-block-format#Block) and [`github.com/ipfs/go-ipld-format#Node`](https://pkg.go.dev/github.com/ipfs/go-ipld-format#Node) interfaces, certain methods, which internally require a re-encode if state has changed, will panic due to the inability to return an error. This issue has been addressed across a number of pull requests. Users are advised to upgrade to version 0.8.1 for a complete set of fixes. Users unable to upgrade may attempt to mitigate this issue by sanitising inputs when allowing user-input to set a new `CidBuilder` on a `ProtoNode` and by sanitising `Tsize` (`Link#Size`) values such that they are a reasonable byte-size for sub-DAGs where derived from user-input.	2022-12-08	not yet calculated	CVE-2022-23495 MISC MISC MISC MISC MISC MISC MISC MISC MISC
go-standard_library — os/net/http	On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(“C:/tmp”).Open(“COM1”) opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS(“”) has changed. Previously, an empty root was treated equivalently to “/”, so os.DirFS(“”).Open(“tmp”) would open the path “/tmp”. This now returns an error.	2022-12-07	not yet calculated	CVE-2022-41720 MISC MISC MISC MISC
go-standard_library/golang — multiple_producst	An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.	2022-12-08	not yet calculated	CVE-2022-41717 MISC MISC MISC MISC MISC
ibm — cloud_transformation_advisor	IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 237214.	2022-12-09	not yet calculated	CVE-2022-41299 MISC MISC
interspire — email_marketer	Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.	2022-12-09	not yet calculated	CVE-2022-44790 MISC
jetbrains — gateway	In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.	2022-12-08	not yet calculated	CVE-2022-46829 MISC
jetbrains — intellij_idea	In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.	2022-12-08	not yet calculated	CVE-2022-46824 MISC
jetbrains — intellij_idea	In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.	2022-12-08	not yet calculated	CVE-2022-46825 MISC
jetbrains — intellij_idea	In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.	2022-12-08	not yet calculated	CVE-2022-46826 MISC
jetbrains — intellij_idea	In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.	2022-12-08	not yet calculated	CVE-2022-46827 MISC
jetbrains — intellij_idea	In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.	2022-12-08	not yet calculated	CVE-2022-46828 MISC
jetbrains — teamcity	In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.	2022-12-08	not yet calculated	CVE-2022-46830 MISC
jetbrains — teamcity	In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the “Default Credential Provider Chain” allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.	2022-12-08	not yet calculated	CVE-2022-46831 MISC
kbase_doc — kbase_doc	Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /web/IndexController.java.	2022-12-09	not yet calculated	CVE-2022-45290 MISC
labstack — labstack	Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.	2022-12-07	not yet calculated	CVE-2020-36565 MISC MISC MISC
linux — linux	Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).	2022-12-07	not yet calculated	CVE-2022-42328 MISC MLIST MLIST MLIST
linux — linux	Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).	2022-12-07	not yet calculated	CVE-2022-42329 MISC MLIST MLIST MLIST
lirantal — daloradius	Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.	2022-12-08	not yet calculated	CVE-2022-4366 CONFIRM MISC
m-files — web	Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low privilege user to change some configuration.	2022-12-09	not yet calculated	CVE-2022-4264 MISC
metinfo — metinfo	A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account.	2022-12-07	not yet calculated	CVE-2022-44849 MISC
micro_focus — operations_bridge_containerized	A potential vulnerability has been identified in Micro Focus Operations Bridge – Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malicious authenticated OBM user to run Java Scripts in the browser context of another OBM user. This issue affects: Micro Focus Micro Focus Operations Bridge Manager versions prior to 2022.11. Micro Focus Micro Focus Operations Bridge- Containerized versions prior to 2022.11.	2022-12-08	not yet calculated	CVE-2022-38754 MISC MISC MISC
mingsoft — mcms	A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has been classified as critical. Affected is an unknown function of the file /cms/category/list. The manipulation of the argument sqlWhere leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.2.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215196.	2022-12-09	not yet calculated	CVE-2022-4375 MISC MISC
morontt — zend-blog-number-2	A vulnerability was found in morontt zend-blog-number-2. It has been classified as problematic. Affected is an unknown function of the file application/forms/Comment.php of the component Comment Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is 36b2d4abe20a6245e4f8df7a4b14e130b24d429d. It is recommended to apply a patch to fix this issue. VDB-215250 is the identifier assigned to this vulnerability.	2022-12-10	not yet calculated	CVE-2022-4397 N/A N/A
netgear — nighthawk_rax30	A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, these restrictions do not appear to be applied to the WAN interface for IPv6. This allows arbitrary access to any services running on the device that may be inadvertently listening via IPv6, such as the SSH and Telnet servers spawned on ports 22 and 23 by default. This misconfiguration could allow an attacker to interact with services only intended to be accessible by clients on the local network.	2022-12-09	not yet calculated	CVE-2022-4390 MISC MISC
nortonlifelock — avast_antivirus	The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap corruption vulnerability that could enable an attacker to bypass the sandbox of the application it was loaded into, if applicable. This issue was fixed in version 18.0.1478 of the Script Shield Component.	2022-12-08	not yet calculated	CVE-2022-4291 MISC
openharmony — openharmony	Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.	2022-12-08	not yet calculated	CVE-2022-41802 MISC
openharmony — openharmony	The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. An unprivileged malicious application would be able to gain code execution within any application installed on the device or cause application crash.	2022-12-08	not yet calculated	CVE-2022-44455 MISC
openharmony — openharmony	OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions.	2022-12-08	not yet calculated	CVE-2022-45118 MISC
openharmony — openharmony	OpenHarmony-v3.1.4 and prior versions had an vulnerability. PIN code is transmitted to the peer device in plain text during cross-device authentication, which reduces the difficulty of man-in-the-middle attacks.	2022-12-08	not yet calculated	CVE-2022-45877 MISC
pb-cms — pb-cms	A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-215114 is the identifier assigned to this vulnerability.	2022-12-08	not yet calculated	CVE-2022-4354 MISC MISC
pb-cms — pb-cms	A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215113 was assigned to this vulnerability.	2022-12-08	not yet calculated	CVE-2022-4353 MISC MISC
perl — perl	The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user’s terminal and certain options are set.	2022-12-09	not yet calculated	CVE-2022-4170 MISC MISC
prestashop — prestashop	PrestaShop is an open-source e-commerce solution. Versions prior to 1.7.8.8 did not properly restrict host filesystem access for users. Users may have been able to view the contents of the upload directory without appropriate permissions. This issue has been addressed and users are advised to upgrade to version 1.7.8.8. There are no known workarounds for this issue.	2022-12-08	not yet calculated	CVE-2022-46158 MISC MISC
qubes-mirage-firewall — qubes-mirage-firewall	qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255).	2022-12-07	not yet calculated	CVE-2022-46770 MISC
radareorg — radareorg/radare2	Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.	2022-12-10	not yet calculated	CVE-2022-4398 MISC CONFIRM
rapid7 — nexpose_and_insightvm	Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents. This failure could allow an attacker to provide a malicious update and alter the functionality of Rapid7 Nexpose. The attacker would need some pre-existing mechanism to provide a malicious update, either through a social engineering effort, privileged access to replace downloaded updates in transit, or by performing an Attacker-in-the-Middle attack on the update service itself.	2022-12-08	not yet calculated	CVE-2022-4261 CONFIRM CONFIRM CONFIRM
red_hat — openshift	Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.	2022-12-09	not yet calculated	CVE-2022-3259 MISC
red_hat — openshift	The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking attack.. Some browsers would interpret these results incorrectly, allowing clickjacking attacks.	2022-12-08	not yet calculated	CVE-2022-3260 MISC
red_hat — openshift	A flaw was found in Openshift. A pod with a DNSPolicy of “ClusterFirst” may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.	2022-12-08	not yet calculated	CVE-2022-3262 MISC
reputeinfosystems — armember	Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress.	2022-12-06	not yet calculated	CVE-2022-42888 MISC
s-cms — s-cms	A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215197 was assigned to this vulnerability.	2022-12-09	not yet calculated	CVE-2022-4377 N/A N/A
samsung — calendar	Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.	2022-12-08	not yet calculated	CVE-2022-39915 MISC
samsung — decoding_library	Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.	2022-12-08	not yet calculated	CVE-2022-39907 MISC
samsung — decoding_library	TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.	2022-12-08	not yet calculated	CVE-2022-39908 MISC
samsung — displaymanagerservice	Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information.	2022-12-08	not yet calculated	CVE-2022-39914 MISC
samsung — exynos_baseband	Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.	2022-12-08	not yet calculated	CVE-2022-39901 MISC
samsung — gear_iconx_pc_manager	Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.	2022-12-08	not yet calculated	CVE-2022-39909 MISC
samsung — iiccphonebook	Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.	2022-12-08	not yet calculated	CVE-2022-39898 MISC
samsung — nice_catch	Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.	2022-12-08	not yet calculated	CVE-2022-39900 MISC
samsung — pass	Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.	2022-12-08	not yet calculated	CVE-2022-39910 MISC
samsung — pass	Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.	2022-12-08	not yet calculated	CVE-2022-39911 MISC
samsung — persona_manager	Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information.	2022-12-08	not yet calculated	CVE-2022-39913 MISC
samsung — personamanagerservice	Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.	2022-12-08	not yet calculated	CVE-2022-39912 MISC
samsung — rcs_call	Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number.	2022-12-08	not yet calculated	CVE-2022-39903 MISC
samsung — sectelephonyprovider	Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.	2022-12-08	not yet calculated	CVE-2022-39906 MISC
samsung — settings	Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log.	2022-12-08	not yet calculated	CVE-2022-39904 MISC
samsung — windowmanagerservice	Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.	2022-12-08	not yet calculated	CVE-2022-39899 MISC
secomea — gatemanager	A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7.	2022-12-09	not yet calculated	CVE-2022-2752 MISC
secustation — multiple_products	In certain Secustation products the administrator account password can be read. This affects V2.5.5.3116-S50-SMA-B20171107A, V2.3.4.1301-M20-TSA-B20150617A, V2.5.5.3116-S50-RXA-B20180502A, V2.5.5.3116-S50-SMA-B20190723A, V2.5.5.3116-S50-SMB-B20161012A, V2.3.4.2103-S50-NTD-B20170508B, V2.5.5.3116-S50-SMB-B20160601A, V2.5.5.2601-S50-TSA-B20151229A, and V2.5.5.3116-S50-SMA-B20170217.	2022-12-08	not yet calculated	CVE-2022-40939 MISC MISC
seeddms — seeddms	Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack.	2022-12-08	not yet calculated	CVE-2022-44938 MISC
sentry — sentry	Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result an attacker with a valid invite link can create multiple users and join an organization they may not have been originally invited to. This issue was patched in version 22.11.0. Sentry SaaS customers do not need to take action. Self-hosted Sentry installs on systems which can not upgrade can disable the invite functionality until they are ready to deploy the patched version by editing their `sentry.conf.py` file (usually located at `~/.sentry/`).	2022-12-10	not yet calculated	CVE-2022-23485 MISC
shift_tech_inc — bingo!cms	Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered.	2022-12-07	not yet calculated	CVE-2022-42458 MISC MISC
six_apart_ltd — movable_type	Improper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series allows a remote authenticated attacker with Privilege of ‘Manage of Content Types’ may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier.	2022-12-07	not yet calculated	CVE-2022-43660 MISC MISC
six_apart_ltd — movable_type	Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a specially crafted URL may allow a remote unauthenticated attacker to set a specially crafted URL to the Reset Password page and conduct a phishing attack. Affected products/versions are as follows: Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier.	2022-12-07	not yet calculated	CVE-2022-45113 MISC MISC
six_apart_ltd — movable_type	Cross-site scripting vulnerability in Movable Type Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.	2022-12-07	not yet calculated	CVE-2022-45122 MISC MISC
teledyne flir — ax8	A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16. Affected is an unknown function of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-215118 is the identifier assigned to this vulnerability.	2022-12-08	not yet calculated	CVE-2022-4364 N/A N/A
teleport — teleport	Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an information leak via the /user/get-role-list web interface.	2022-12-08	not yet calculated	CVE-2022-38599 MISC MISC
ticklishhoneybee — nodau	A vulnerability was found in TicklishHoneyBee nodau. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/db.c. The manipulation of the argument value/name leads to sql injection. The name of the patch is 7a7d737a3929f335b9717ddbd31db91151b69ad2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215252.	2022-12-10	not yet calculated	CVE-2022-4399 MISC MISC MISC
tinymce — tinymce	tinymce is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user. This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements. Users are advised to upgrade to either 5.10.7 or 6.3.1. Users unable to upgrade may ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation.	2022-12-08	not yet calculated	CVE-2022-23494 MISC MISC MISC MISC MISC MISC
traefik — traefik	Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Authorization header are displayed in the debug logs. Attackers must have access to a users logging system in order for credentials to be stolen. This issue has been addressed in version 2.9.6. Users are advised to upgrade. Users unable to upgrade may set the log level to `INFO`, `WARN`, or `ERROR`.	2022-12-08	not yet calculated	CVE-2022-23469 MISC MISC MISC
traefik — traefik	Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client certificates. Users are advised to upgrade to version 2.9.6. Users unable to upgrade should check their logs to detect the error messages and fix your TLS options.	2022-12-08	not yet calculated	CVE-2022-46153 MISC MISC MISC MISC
trendnet — wireless_ac_easy-upgrader_tew-820ap	A stack overflow vulnerability exists in TrendNet Wireless AC Easy-Upgrader TEW-820AP (Version v1.0R, firmware version 1.01.B01) which may result in remote code execution.	2022-12-07	not yet calculated	CVE-2022-44373 MISC
typora — typora	Typora versions prior to 1.4.4 fails to properly neutralize JavaScript code, which may result in executing JavaScript code contained in the file when opening a file with the affected product.	2022-12-07	not yet calculated	CVE-2022-43668 MISC MISC
western_digital — my_cloud	Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western Digital My Cloud devices allows insecure direct access to the drive information in the case of a device reset. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.	2022-12-09	not yet calculated	CVE-2022-29838 MISC
western_digital — my_cloud	Insufficiently Protected Credentials vulnerability in the remote backups application on Western Digital My Cloud devices that could allow an attacker who has gained access to a relevant endpoint to use that information to access protected data. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.	2022-12-09	not yet calculated	CVE-2022-29839 MISC
wireshark — wireshark	Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows	2022-12-09	not yet calculated	CVE-2022-3724 MISC MISC CONFIRM
xen_project — xen	Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2x) though it may be an issue with other NICs/drivers as well. In case the frontend is sending requests with split headers, netback will forward those violating above mentioned assumption to the networking core, resulting in said misbehavior.	2022-12-07	not yet calculated	CVE-2022-3643 MISC MLIST
yauaa — yauaa	Yet Another UserAgent Analyzer (Yauaa) is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. If uncaught the exception will result in a program crash. Applications that do not use this feature are not affected. Users are advised to upgrade to version 7.9.0. Users unable to upgrade may catch and discard any ArrayIndexOutOfBoundsException thrown by the Yauaa library.	2022-12-08	not yet calculated	CVE-2022-23496 MISC MISC
yii — gii	Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field.	2022-12-09	not yet calculated	CVE-2022-34297 MISC
zephyr — zephyr	There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet.	2022-12-09	not yet calculated	CVE-2022-2993 MISC
zkteco — xiamen_information_technology_zkbio_eco_adms	ZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable to Cross Site Scripting (XSS).	2022-12-09	not yet calculated	CVE-2022-44213 MISC

This product is provided subject to this Notification and this Privacy & Use policy.

alerts

Fortinet Releases Security Updates for FortiOS

Post author By admin
Post date December 12, 2022

Original release date: December 12, 2022

Fortinet has released security updates to address a heap-based buffer overflow vulnerability (CVE-2022-42475) in FortiOS. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been exploited in the wild.

CISA encourages users and administrators to review Fortinet security advisory FG-IR-22-368, apply the necessary updates, and validate systems against the IOCs listed in the advisory.

This product is provided subject to this Notification and this Privacy & Use policy.

Managed Security Services

Cyber Threat Intelligence

iDNA

SiON

About Us

Leadership

Advisors

Cyber Security Assessment

SOC Cost Calculator

Request a Dark Web Report

Cyber Security Threat Alerts

What is Incident Response?

SOC 2 Compliance

Cyber Security Definitions and Terminology

Cyber Security Jobs

Blog

Podcast

Instagram

LinkedIn

Twitter

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

Company

Our services

Resources

Partners

Cyber news

Weekly Newsletter

Subscribe to our weekly newsletter on cyber news and best practices!