by Scott Muniz | Dec 28, 2022 | Security, Technology
This article is contributed. See the original author and article here.
mozilla — multiple_products |
An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that URL, and obtain authenticated access as that user. This issue is limited to cases where attacker and victim are sharing the same source IP and could allow the ability to view session states and disconnect VPN sessions. This vulnerability affects Mozilla VPN iOS 1.0.7 < (929), Mozilla VPN Windows < 1.2.2, and Mozilla VPN Android 1.1.0 < (1360). |
2022-12-22 |
not yet calculated |
CVE-2020-15679 MISC MISC MISC MISC |
mozilla — thunderbird |
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7. |
2022-12-22 |
not yet calculated |
CVE-2020-15685 MISC MISC |
is.js — is.js |
is.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). is.js uses a regex copy-pasted from a gist to validate URLs. Trying to validate a malicious string can cause the regex to loop “forever.” This vulnerability was found using a CodeQL query which identifies inefficient regular expressions. is.js has no patch for this issue. |
2022-12-22 |
not yet calculated |
CVE-2020-26302 CONFIRM MISC |
furqan — furqan |
A vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). It is possible to launch the attack remotely. The name of the patch is 46ccc2aee8d063c7b6b4dee2c2834113b7286076. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216252. |
2022-12-19 |
not yet calculated |
CVE-2020-36618 N/A N/A N/A |
multimon-ng — multimon-ng |
A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function add_ch of the file demod_flex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability. |
2022-12-19 |
not yet calculated |
CVE-2020-36619 N/A N/A N/A N/A |
brondahl — enumstringvalues |
A vulnerability was found in Brondahl EnumStringValues up to 4.0.0. It has been declared as problematic. This vulnerability affects the function GetStringValuesWithPreferences_Uncache of the file EnumStringValues/EnumExtensions.cs. The manipulation leads to resource consumption. Upgrading to version 4.0.1 is able to address this issue. The name of the patch is c0fc7806beb24883cc2f9543ebc50c0820297307. It is recommended to upgrade the affected component. VDB-216466 is the identifier assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2020-36620 N/A N/A MISC |
chedabob — whatismyudid |
A vulnerability, which was classified as problematic, has been found in chedabob whatismyudid. Affected by this issue is the function exports.enrollment of the file routes/mobileconfig.js. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is bb33d4325fba80e7ea68b79121dba025caf6f45f. It is recommended to apply a patch to fix this issue. VDB-216470 is the identifier assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2020-36621 N/A N/A |
sah-comp — bienlein |
A vulnerability was found in sah-comp bienlein and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is d7836a4f2b241e4745ede194f0f6fb47199cab6b. It is recommended to apply a patch to fix this issue. The identifier VDB-216473 was assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2020-36622 N/A N/A |
pengu — pengu |
A vulnerability was found in Pengu. It has been declared as problematic. Affected by this vulnerability is the function runApp of the file src/index.js. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The name of the patch is aea66f12b8cdfc3c8c50ad6a9c89d8307e9d0a91. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216475. |
2022-12-21 |
not yet calculated |
CVE-2020-36623 N/A N/A |
ahorner — text-helpers |
A vulnerability was found in ahorner text-helpers up to 1.0.x. It has been declared as critical. This vulnerability affects unknown code of the file lib/text_helpers/translation.rb. The manipulation of the argument link leads to use of web link to untrusted target with window.opener access. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The name of the patch is 184b60ded0e43c985788582aca2d1e746f9405a3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216520. |
2022-12-22 |
not yet calculated |
CVE-2020-36624 MISC MISC MISC MISC |
activity_watch — activity_watch |
Activity Watch is a free and open-source automated time tracker. Versions prior to 0.11.0 allow an attacker to execute arbitrary commands on any macOS machine with ActivityWatch running. The attacker can exploit this vulnerability by having the user visiting a website with the page title set to a malicious string. An attacker could use another application to accomplish the same, but the web browser is the most likely attack vector. This issue is patched in version 0.11.0. As a workaround, users can run the latest version of aw-watcher-window from source, or manually patch the `printAppTitle.scpt` file. |
2022-12-23 |
not yet calculated |
CVE-2021-32692 CONFIRM |
openatom_foundation — openeuler |
After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free). |
2022-12-19 |
not yet calculated |
CVE-2021-33640 MISC |
beijing — baidunetdisk |
Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
2022-12-22 |
not yet calculated |
CVE-2021-36631 MISC |
mozilla — thunderbird |
When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status. This vulnerability affects Thunderbird < 91.4.1. |
2022-12-22 |
not yet calculated |
CVE-2021-4126 MISC MISC |
mozilla — multiple_products |
An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9. |
2022-12-22 |
not yet calculated |
CVE-2021-4127 MISC MISC MISC |
mozilla — firefox_for_macos |
When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash. *This bug only affects Firefox on MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95. |
2022-12-22 |
not yet calculated |
CVE-2021-4128 MISC MISC |
mozilla — multiple_products |
Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 95, Firefox ESR < 91.4.0, and Thunderbird < 91.4.0. |
2022-12-22 |
not yet calculated |
CVE-2021-4129 MISC MISC MISC MISC |
mozilla — multiple_products |
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2021-4140 MISC MISC MISC MISC |
criego — active_attr |
A vulnerability classified as problematic has been found in cgriego active_attr up to 0.15.2. This affects the function call of the file lib/active_attr/typecasting/boolean_typecaster.rb of the component Regex Handler. The manipulation of the argument value leads to denial of service. The exploit has been disclosed to the public and may be used. Upgrading to version 0.15.3 is able to address this issue. The name of the patch is dab95e5843b01525444b82bd7b336ef1d79377df. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216207. |
2022-12-18 |
not yet calculated |
CVE-2021-4250 N/A N/A N/A N/A MISC |
phpredisadmin– phpredisadmin |
A vulnerability was found in phpRedisAdmin up to 1.16.1. It has been classified as problematic. This affects the function authHttpDigest of the file includes/login.inc.php. The manipulation of the argument response leads to use of wrong operator in string comparison. Upgrading to version 1.16.2 is able to address this issue. The name of the patch is 31aa7661e6db6f4dffbf9a635817832a0a11c7d9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216267. |
2022-12-19 |
not yet calculated |
CVE-2021-4259 N/A N/A MISC |
oils-js — oils-js |
A vulnerability was found in oils-js. It has been declared as critical. This vulnerability affects unknown code of the file core/Web.js. The manipulation leads to open redirect. The attack can be initiated remotely. The name of the patch is fad8fbae824a7d367dacb90d56cb02c5cb999d42. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216268. |
2022-12-19 |
not yet calculated |
CVE-2021-4260 N/A N/A |
platzhersh — pacman-canvas |
A vulnerability classified as critical has been found in pacman-canvas up to 1.0.5. Affected is the function addHighscore of the file data/db-handler.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is 29522c90ca1cebfce6453a5af5a45281d99b0646. It is recommended to upgrade the affected component. VDB-216270 is the identifier assigned to this vulnerability. |
2022-12-19 |
not yet calculated |
CVE-2021-4261 N/A N/A N/A |
laravel-jqgrid — laravel-jqgrid |
A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is fbc2d94f43d0dc772767a5bdb2681133036f935e. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216271. |
2022-12-19 |
not yet calculated |
CVE-2021-4262 N/A N/A N/A |
leanote — leanote |
A vulnerability, which was classified as problematic, has been found in leanote. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The name of the patch is https:/github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2021-4263 N/A N/A |
linkedin — dustjs |
A vulnerability was found in LinkedIn dustjs up to 2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0 is able to address this issue. The name of the patch is ddb6523832465d38c9d80189e9de60519ac307c3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216464. |
2022-12-21 |
not yet calculated |
CVE-2021-4264 N/A N/A N/A N/A MISC MISC |
siwapp — siwapp-ror |
A vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216467. |
2022-12-21 |
not yet calculated |
CVE-2021-4265 N/A N/A N/A |
webdetails — cpf |
A vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java. The manipulation of the argument baseUrl leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 9.5.0.0-81 is able to address this issue. The name of the patch is 3bff900d228e8cae3af256b447c5d15bdb03c174. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216468. |
2022-12-21 |
not yet calculated |
CVE-2021-4266 N/A N/A N/A N/A |
tad_discuss — tad_discuss |
A vulnerability classified as problematic was found in tad_discuss. Affected by this vulnerability is an unknown functionality. The manipulation of the argument DiscussTitle leads to cross site scripting. The attack can be launched remotely. The name of the patch is af94d034ff8db642d05fd8788179eab05f433958. It is recommended to apply a patch to fix this issue. The identifier VDB-216469 was assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2021-4267 N/A N/A N/A |
phpredisadmin– phpredisadmin |
A vulnerability, which was classified as problematic, was found in phpRedisAdmin up to 1.17.3. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 1.18.0 is able to address this issue. The name of the patch is b9039adbb264c81333328faa9575ecf8e0d2be94. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216471. |
2022-12-21 |
not yet calculated |
CVE-2021-4268 N/A N/A N/A |
simplerisk — simplerisk |
A vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 20220306-001 is able to address this issue. The name of the patch is 591405b4ed160fbefc1dca1e55c5745079a7bb48. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216472. |
2022-12-21 |
not yet calculated |
CVE-2021-4269 N/A N/A N/A |
imprint_cms — imprint_cms |
A vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6140b140ccd02b5e4e7d6ba013ac1225724487f4. It is recommended to apply a patch to fix this issue. VDB-216474 is the identifier assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2021-4270 N/A N/A |
w2wiki — w2wiki |
A vulnerability was found in panicsteve w2wiki. It has been rated as problematic. Affected by this issue is the function toHTML of the file index.php of the component Markdown Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is 8f1d0470b4ddb1c7699e3308e765c11ed29542b6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216476. |
2022-12-21 |
not yet calculated |
CVE-2021-4271 N/A N/A |
studygolang — studygolang |
A vulnerability classified as problematic has been found in studygolang. This affects an unknown part of the file static/js/topics.js. The manipulation of the argument contentHtml leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 0fb30f9640bd5fa0cae58922eac6c00bb1a94391. It is recommended to apply a patch to fix this issue. The identifier VDB-216477 was assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2021-4272 N/A N/A |
studygolang — studygolang |
A vulnerability classified as problematic was found in studygolang. This vulnerability affects the function Search of the file http/controller/search.go. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 97ba556d42fa89dfaa7737e9cd3a8ddaf670bb23. It is recommended to apply a patch to fix this issue. VDB-216478 is the identifier assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2021-4273 N/A N/A N/A |
sileht — bird-lg |
A vulnerability, which was classified as problematic, has been found in sileht bird-lg. This issue affects some unknown processing of the file templates/layout.html. The manipulation of the argument request_args leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ef6b32c527478fefe7a4436e10b96ee28ed5b308. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216479. |
2022-12-21 |
not yet calculated |
CVE-2021-4274 N/A N/A N/A |
pyambic-pentameter — pyambic-pentameter |
A vulnerability, which was classified as problematic, was found in katlings pyambic-pentameter. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is 974f21aa1b2527ef39c8afe1a5060548217deca8. It is recommended to apply a patch to fix this issue. VDB-216498 is the identifier assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2021-4275 N/A N/A |
sourcecodester — simple_client_management_system |
A Stored Cross-site scripting (XSS) vulnerability via MAster.php in Sourcecodetester Simple Client Management System (SCMS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields. |
2022-12-22 |
not yet calculated |
CVE-2021-43657 MISC |
harmonyos — harmonyos |
The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
2022-12-20 |
not yet calculated |
CVE-2021-46856 MISC |
mozilla — firefox |
Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97. |
2022-12-22 |
not yet calculated |
CVE-2022-0511 MISC MISC |
mozilla — vpn |
Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1. |
2022-12-22 |
not yet calculated |
CVE-2022-0517 MISC MISC |
mozilla — thunderbird |
It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1. |
2022-12-22 |
not yet calculated |
CVE-2022-0566 MISC MISC |
mozilla — firefox |
Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 98. |
2022-12-22 |
not yet calculated |
CVE-2022-0843 MISC MISC |
mozilla — multiple_products |
NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. |
2022-12-22 |
not yet calculated |
CVE-2022-1097 MISC MISC MISC MISC |
mozilla — multiple_products |
After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8. |
2022-12-22 |
not yet calculated |
CVE-2022-1196 MISC MISC MISC |
mozilla — thunderbird |
When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn’t specify a revocation reason, were unaffected. This vulnerability affects Thunderbird < 91.8. |
2022-12-22 |
not yet calculated |
CVE-2022-1197 MISC MISC |
mozilla — thunderbird |
When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9. |
2022-12-22 |
not yet calculated |
CVE-2022-1520 MISC MISC |
mozilla — multiple_products |
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. |
2022-12-22 |
not yet calculated |
CVE-2022-1529 MISC MISC |
mozilla — multiple_products |
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. |
2022-12-22 |
not yet calculated |
CVE-2022-1802 MISC MISC |
mozilla — thunderbird |
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker’s digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker’s email address was not visible. Because Thunderbird compared the invisible sender address with the signature’s email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This vulnerability affects Thunderbird < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-1834 MISC MISC |
mozilla — multiple_products |
If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-2200 MISC MISC MISC MISC |
mozilla — thunderbird |
An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email’s date will be shown. If the dates were different, then Thunderbird didn’t report the email as having an invalid signature. If an attacker performed a replay attack, in which an old email with old contents are resent at a later time, it could lead the victim to believe that the statements in the email are current. Fixed versions of Thunderbird will require that the signature’s date roughly matches the displayed date of the email. This vulnerability affects Thunderbird < 102 and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-2226 MISC MISC |
ibm — identity_manager |
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 224915. |
2022-12-24 |
not yet calculated |
CVE-2022-22449 MISC MISC |
ibm — identity_manager |
IBM Security Verify Governance, Identity Manager 10.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225004. |
2022-12-22 |
not yet calculated |
CVE-2022-22456 MISC MISC |
ibm — identity_manager |
IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007. |
2022-12-22 |
not yet calculated |
CVE-2022-22457 MISC MISC |
ibm — identity_manager |
IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. IBM X-Force ID: 225009. |
2022-12-22 |
not yet calculated |
CVE-2022-22458 MISC MISC |
ibm — identity_manager |
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225007. |
2022-12-22 |
not yet calculated |
CVE-2022-22461 MISC MISC |
mozilla — firefox |
If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default. *This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96. |
2022-12-22 |
not yet calculated |
CVE-2022-22736 MISC MISC |
mozilla — multiple_products |
Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22737 MISC MISC MISC MISC |
mozilla — multiple_products |
Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22738 MISC MISC MISC MISC |
mozilla — multiple_products |
Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22739 MISC MISC MISC MISC |
mozilla — multiple_products |
Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22740 MISC MISC MISC MISC |
mozilla — multiple_products |
When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22741 MISC MISC MISC MISC |
mozilla — multiple_products |
When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22742 MISC MISC MISC MISC |
mozilla — multiple_products |
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22743 MISC MISC MISC MISC |
mozilla — multiple_products |
The constructed curl command from the “Copy as curl” feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt. *This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22744 MISC MISC MISC MISC |
mozilla — multiple_products |
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22745 MISC MISC MISC MISC |
mozilla — multiple_products |
A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22746 MISC MISC MISC MISC |
mozilla — multiple_products |
After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22747 MISC MISC MISC MISC |
mozilla — multiple_products |
Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22748 MISC MISC MISC MISC |
mozilla — firefox_for_android |
When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96. |
2022-12-22 |
not yet calculated |
CVE-2022-22749 MISC MISC |
mozilla — multiple_products |
By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to. *This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96. |
2022-12-22 |
not yet calculated |
CVE-2022-22750 MISC MISC |
mozilla — multiple_products |
Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. |
2022-12-22 |
not yet calculated |
CVE-2022-22751 MISC MISC MISC MISC |
mozilla — firefox |
Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96. |
2022-12-22 |
not yet calculated |
CVE-2022-22752 MISC MISC |
mozilla — multiple_products |
A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. |
2022-12-22 |
not yet calculated |
CVE-2022-22753 MISC MISC MISC MISC |
mozilla — multiple_products |
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. |
2022-12-22 |
not yet calculated |
CVE-2022-22754 MISC MISC MISC MISC |
mozilla — firefox |
By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97. |
2022-12-22 |
not yet calculated |
CVE-2022-22755 MISC MISC |
mozilla — multiple_products |
If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. |
2022-12-22 |
not yet calculated |
CVE-2022-22756 MISC MISC MISC MISC |
mozilla — firefox |
Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user’s browser to control it. *This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox < 97. |
2022-12-22 |
not yet calculated |
CVE-2022-22757 MISC MISC |
mozilla — firefox |
When clicking on a tel: link, USSD codes, specified after a * character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user’s account, similar to a cross-site request forgery attack. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97. |
2022-12-22 |
not yet calculated |
CVE-2022-22758 MISC MISC |
mozilla — multiple_products |
If a document created a sandboxed iframe without allow-scripts , and subsequently appended an element to the iframe’s document that e.g. had a JavaScript event handler – the event handler would have run despite the iframe’s sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. |
2022-12-22 |
not yet calculated |
CVE-2022-22759 MISC MISC MISC MISC |
mozilla — multiple_products |
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. |
2022-12-22 |
not yet calculated |
CVE-2022-22760 MISC MISC MISC MISC MISC |
mozilla — multiple_products |
Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension’s Content Security Policy. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. |
2022-12-22 |
not yet calculated |
CVE-2022-22761 MISC MISC MISC MISC |
mozilla — firefox_for_android |
Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another website was displayed underneath it. This could have been abused to trick the user. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97. |
2022-12-22 |
not yet calculated |
CVE-2022-22762 MISC MISC |
mozilla — multiple_products |
When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox < 96, Thunderbird < 91.6, and Firefox ESR < 91.6. |
2022-12-22 |
not yet calculated |
CVE-2022-22763 MISC MISC MISC MISC |
mozilla — multiple_products |
Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. |
2022-12-22 |
not yet calculated |
CVE-2022-22764 MISC MISC MISC MISC |
pi-hole — adminlte |
Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on `queryads` endpoint. In the case of application, this vulnerability exists because of a lack of validation in code on a root server path: `/admin/scripts/pi-hole/phpqueryads.php.` Potential threat actor(s) are able to perform an unauthorized query search in blocked domain lists. This could lead to the disclosure for any victims’ personal blacklists. |
2022-12-23 |
not yet calculated |
CVE-2022-23513 MISC MISC |
auth0 — jsonwebtoken |
node-jsonwebtoken is a JsonWebToken implementation for node.js. For versions `<= 8.5.1` of `jsonwebtoken` library, if a malicious actor has the ability to modify the key retrieval parameter (referring to the `secretOrPublicKey` argument from the readme link of the `jwt.verify()` function, they can write arbitrary files on the host machine. Users are affected only if untrusted entities are allowed to modify the key retrieval parameter of the `jwt.verify()` on a host that you control. This issue has been fixed, please update to version 9.0.0. |
2022-12-21 |
not yet calculated |
CVE-2022-23529 MISC MISC |
cortex_project — cortex |
Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted to the Alertmanager Set Configuration API. Only users of the Alertmanager service where `-experimental.alertmanager.enable-api` or `enable_api: true` is configured are affected. Affected Cortex users are advised to upgrade to patched versions 1.13.2 or 1.14.1. However as a workaround, Cortex administrators may reject Alertmanager configurations containing the `api_key_file` setting in the `opsgenie_configs` section before sending to the Set Alertmanager Configuration API. |
2022-12-19 |
not yet calculated |
CVE-2022-23536 MISC MISC MISC MISC |
pjsip — pjsip |
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1). |
2022-12-20 |
not yet calculated |
CVE-2022-23537 MISC MISC |
auth0 — jsonwebtoken |
Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions. |
2022-12-23 |
not yet calculated |
CVE-2022-23539 MISC MISC |
auth0 — jsonwebtoken |
In versions `<=8.5.1` of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the `jwt.verify()` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the `none` algorithm. If you need 'none' algorithm, you have to explicitly specify that in `jwt.verify()` options. |
2022-12-22 |
not yet calculated |
CVE-2022-23540 MISC MISC |
auth0 — jsonwebtoken |
jsonwebtoken is an implementation of JSON Web Tokens. Versions `<= 8.5.1` of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in jwt.verify() implementation with the same key retrieval function. This issue has been patched, please update to version 9.0.0. |
2022-12-22 |
not yet calculated |
CVE-2022-23541 MISC MISC MISC |
openfga — openfga |
OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. During an internal security assessment, it was discovered that OpenFGA version 0.3.0 is vulnerable to authorization bypass under certain conditions. This issue has been patched in version 0.3.1 and is backward compatible. |
2022-12-20 |
not yet calculated |
CVE-2022-23542 MISC MISC MISC |
silverware_games — silverware_games |
Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related “ when the post will be published. The handler has some sort of protection so non-YouTube links can’t be posted, as well as HTML tags are being stripped. However, it was still possible to add custom HTML attributes (e.g. `onclick=alert(“xss”)`) to the `’. This issue was fixed in the version `1.1.34` and does not require any extra actions from our members. There has been no evidence that this vulnerability was used by anyone at this time. |
2022-12-19 |
not yet calculated |
CVE-2022-23543 MISC |
pjsip — pjsip |
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch. |
2022-12-23 |
not yet calculated |
CVE-2022-23547 MISC MISC MISC |
azure — aad-pod-identity |
aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request (example: `/metadata/identityoauth2token/`) would bypass the NMI validation and be sent to IMDS allowing a pod in the cluster to access identities that it shouldn’t have access to. This issue has been fixed and has been included in AAD Pod Identity release version 1.8.13. If using the AKS pod-managed identities add-on, no action is required. The clusters should now be running the version 1.8.13 release. |
2022-12-21 |
not yet calculated |
CVE-2022-23551 MISC MISC MISC |
codeigniter4 — codeigniter4 |
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `ConfigApp::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`. |
2022-12-22 |
not yet calculated |
CVE-2022-23556 MISC MISC |
aveva — intouch_access_anywhere |
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server. |
2022-12-23 |
not yet calculated |
CVE-2022-23854 MISC |
snyk — abacus-ext-cmdline |
All versions of package abacus-ext-cmdline are vulnerable to Command Injection via the execute function due to improper user-input sanitization. |
2022-12-21 |
not yet calculated |
CVE-2022-24431 CONFIRM |
mozilla — multiple_products |
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. |
2022-12-22 |
not yet calculated |
CVE-2022-2505 MISC MISC MISC MISC |
snyk — p4 |
The package p4 before 0.0.7 are vulnerable to Command Injection via the run() function due to improper input sanitization |
2022-12-20 |
not yet calculated |
CVE-2022-25171 CONFIRM CONFIRM CONFIRM |
vm2 — vm2 |
The package vm2 before 3.9.10 are vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the WeakMap.prototype.set method. Exploiting this vulnerability leads to access to a host object and a sandbox compromise. |
2022-12-21 |
not yet calculated |
CVE-2022-25893 CONFIRM CONFIRM CONFIRM CONFIRM |
snyk — lite-dev-server |
All versions of package lite-dev-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code. |
2022-12-21 |
not yet calculated |
CVE-2022-25895 CONFIRM CONFIRM CONFIRM |
snyk — safe-eval
|
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype. |
2022-12-20 |
not yet calculated |
CVE-2022-25904 CONFIRM CONFIRM |
snyk– smoothie
|
The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting (XSS) due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties. |
2022-12-21 |
not yet calculated |
CVE-2022-25929 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
snyk — easy-static-server |
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code. |
2022-12-20 |
not yet calculated |
CVE-2022-25931 CONFIRM CONFIRM CONFIRM |
snyk — package_lite_server
|
All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse. |
2022-12-20 |
not yet calculated |
CVE-2022-25940 CONFIRM CONFIRM CONFIRM |
liquidjs — liquidjs |
The package liquidjs before 10.0.0 are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype. Workaround For versions 9.34.0 and higher, an option to disable this functionality is provided. |
2022-12-22 |
not yet calculated |
CVE-2022-25948 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
mozilla — multiple_products |
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. |
2022-12-22 |
not yet calculated |
CVE-2022-26381 MISC MISC MISC MISC |
mozilla — firefox |
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98. |
2022-12-22 |
not yet calculated |
CVE-2022-26382 MISC MISC |
mozilla — multiple_products |
When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. |
2022-12-22 |
not yet calculated |
CVE-2022-26383 MISC MISC MISC MISC |
mozilla — multiple_products |
If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts , they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. |
2022-12-22 |
not yet calculated |
CVE-2022-26384 MISC MISC MISC MISC |
mozilla — firefox |
In unusual circumstances, an individual thread may outlive the thread’s manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 98. |
2022-12-22 |
not yet calculated |
CVE-2022-26385 MISC MISC |
mozilla — multiple_products |
Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in /tmp , but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. *This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7. |
2022-12-22 |
not yet calculated |
CVE-2022-26386 MISC MISC MISC |
mozilla — multiple_products |
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. |
2022-12-22 |
not yet calculated |
CVE-2022-26387 MISC MISC MISC MISC |
mozilla — multiple_products |
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. |
2022-12-22 |
not yet calculated |
CVE-2022-26485 MISC MISC |
mozilla — multiple_products |
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. |
2022-12-22 |
not yet calculated |
CVE-2022-26486 MISC MISC |
hikivision — multiple_products |
The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices. |
2022-12-19 |
not yet calculated |
CVE-2022-28173 MISC |
ydb — server |
Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash. |
2022-12-23 |
not yet calculated |
CVE-2022-28228 MISC |
userver — userver |
The hash functionality in userver before 42059b6319661583b3080cab9b595d4f8ac48128 allows attackers to cause a denial of service via crafted HTTP request, involving collisions. |
2022-12-23 |
not yet calculated |
CVE-2022-28229 MISC |
mozilla — multiple_products |
If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. |
2022-12-22 |
not yet calculated |
CVE-2022-28281 MISC MISC MISC MISC |
mozilla — multiple_products |
By using a link with rel="localization" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. |
2022-12-22 |
not yet calculated |
CVE-2022-28282 MISC MISC MISC MISC |
mozilla — firefox |
The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox < 99. |
2022-12-22 |
not yet calculated |
CVE-2022-28283 MISC MISC |
mozilla — firefox |
SVG’s <use> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko’s implementation was aligned with theirs. This vulnerability affects Firefox < 99. |
2022-12-22 |
not yet calculated |
CVE-2022-28284 MISC MISC |
mozilla — multiple_products |
When generating the assembly code for MLoadTypedArrayElementHole , an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. |
2022-12-22 |
not yet calculated |
CVE-2022-28285 MISC MISC MISC MISC |
mozilla — multiple_products |
Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. |
2022-12-22 |
not yet calculated |
CVE-2022-28286 MISC MISC MISC MISC |
mozilla — firefox |
In unusual circumstances, selecting text could cause text selection caching to behave incorrectly, leading to a crash. This vulnerability affects Firefox < 99. |
2022-12-22 |
not yet calculated |
CVE-2022-28287 MISC MISC |
mozilla — firefox |
Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99. |
2022-12-22 |
not yet calculated |
CVE-2022-28288 MISC MISC |
mozilla — multiple_products |
Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. |
2022-12-22 |
not yet calculated |
CVE-2022-28289 MISC MISC MISC MISC |
mozilla — multiple_products |
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29909 MISC MISC MISC MISC |
mozilla — firefox |
When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29910 MISC MISC |
mozilla — multiple_products |
An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29911 MISC MISC MISC MISC |
mozilla — multiple_products |
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29912 MISC MISC MISC MISC |
mozilla — thunderbird |
The parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process. This vulnerability affects Thunderbird < 91.9. |
2022-12-22 |
not yet calculated |
CVE-2022-29913 MISC MISC |
mozilla — multiple_products |
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29914 MISC MISC MISC MISC |
mozilla — firefox
|
The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affects Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29915 MISC MISC |
mozilla — multiple_products |
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29916 MISC MISC MISC MISC |
mozilla — multiple_products |
Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29917 MISC MISC MISC MISC |
mozilla — firefox
|
Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 100. |
2022-12-22 |
not yet calculated |
CVE-2022-29918 MISC MISC |
mozilla — thunderbird |
When receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1. |
2022-12-22 |
not yet calculated |
CVE-2022-3032 MISC MISC MISC |
mozilla — thunderbird |
If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in the document. This bug doesn’t affect users who have changed the default Message Body display setting to ‘simple html’ or ‘plain text’. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1. |
2022-12-22 |
not yet calculated |
CVE-2022-3033 MISC MISC MISC |
mozilla — thunderbird |
When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn’t display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1. |
2022-12-22 |
not yet calculated |
CVE-2022-3034 MISC MISC MISC |
mozilla — thunderbird |
When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird < 102.3. |
2022-12-22 |
not yet calculated |
CVE-2022-3155 MISC MISC |
concourse — concourse |
Concourse (7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9) contains an authorization bypass issue. A Concourse user can send a request with body including :team_name=team2 to bypass team scope check to gain access to certain resources belong to any other team. |
2022-12-19 |
not yet calculated |
CVE-2022-31683 MISC |
mozilla — multiple_products |
A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-31736 MISC MISC MISC MISC |
mozilla — multiple_products |
A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-31737 MISC MISC MISC MISC |
mozilla — multiple_products |
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-31738 MISC MISC MISC MISC |
mozilla — multiple_products |
When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-31739 MISC MISC MISC MISC |
mozilla — multiple_products |
On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-31740 MISC MISC MISC MISC |
mozilla — multiple_products |
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-31741 MISC MISC MISC MISC |
mozilla — multiple_products |
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-31742 MISC MISC MISC MISC |
mozilla — firefox |
Firefox’s HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101. |
2022-12-22 |
not yet calculated |
CVE-2022-31743 MISC MISC |
mozilla — multiple_products |
An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page’s Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Firefox < 101. |
2022-12-22 |
not yet calculated |
CVE-2022-31744 MISC MISC MISC MISC |
mozilla — firefox |
If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101. |
2022-12-22 |
not yet calculated |
CVE-2022-31745 MISC MISC |
mozilla — firefox_for_ios |
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-31746 MISC MISC |
mozilla — multiple_products |
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. |
2022-12-22 |
not yet calculated |
CVE-2022-31747 MISC MISC MISC MISC |
mozilla — firefox |
Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 101. |
2022-12-22 |
not yet calculated |
CVE-2022-31748 MISC MISC |
dataprobe — iboot-pdu_fw |
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2022-3183 MISC |
dataprobe — iboot-pdu_fw |
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory. |
2022-12-21 |
not yet calculated |
CVE-2022-3184 MISC |
dataprobe — iboot-pdu_fw |
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device. |
2022-12-21 |
not yet calculated |
CVE-2022-3185 MISC |
dataprobe — iboot-pdu_fw |
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to access other device’s information. |
2022-12-21 |
not yet calculated |
CVE-2022-3186 MISC |
dataprobe — iboot-pdu_fw |
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read the state of outlets. |
2022-12-21 |
not yet calculated |
CVE-2022-3187 MISC |
dataprobe — iboot-pdu_fw |
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where unauthenticated users could open PHP index pages without authentication and download the history file from the device; the history file includes the latest actions completed by specific users. |
2022-12-21 |
not yet calculated |
CVE-2022-3188 MISC |
dataprobe — iboot-pdu_fw |
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially crafted PHP script could use parameters from a HTTP request to create a URL capable of changing the host parameter. The changed host parameter in the HTTP could point to another host that will send a request to the host or IP specified in the changed host parameter. |
2022-12-21 |
not yet calculated |
CVE-2022-3189 MISC |
mozilla — multiple_products |
An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. |
2022-12-22 |
not yet calculated |
CVE-2022-3266 MISC MISC MISC MISC |
mitsubishi_electric — multiple_products |
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions “32” and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions “65” and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V all versions, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery. |
2022-12-23 |
not yet calculated |
CVE-2022-33324 MISC MISC MISC |
mozilla — multiple_products |
An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-34468 MISC MISC MISC MISC |
mozilla — firefox_for_android
|
When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34469 MISC MISC |
mozilla — multiple_products
|
Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-34470 MISC MISC MISC MISC |
mozilla — firefox |
When downloading an update for an addon, the downloaded addon update’s version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34471 MISC MISC |
mozilla — multiple_products |
If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-34472 MISC MISC MISC MISC |
mozilla — firefox |
The HTML Sanitizer should have sanitized the href attribute of SVG <use> tags; however it incorrectly did not sanitize xlink:href attributes. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34473 MISC MISC |
mozilla — firefox |
Even when an iframe was sandboxed with allow-top-navigation-by-user-activation , if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34474 MISC MISC |
mozilla — firefox |
SVG <use> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34475 MISC MISC |
mozilla — firefox |
ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34476 MISC MISC |
mozilla — firefox |
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34477 MISC MISC |
mozilla — multiple_products |
The ms-msdt , search , and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them. *This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-34478 MISC MISC MISC MISC |
mozilla — multiple_products |
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. *This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-34479 MISC MISC MISC MISC |
mozilla — firefox |
Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34480 MISC MISC |
mozilla — multiple_products |
In the nsTArray_Impl::ReplaceElementsAt() function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-34481 MISC MISC MISC MISC |
mozilla — firefox |
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34482 MISC MISC |
mozilla — firefox |
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34483 MISC MISC |
mozilla — multiple_products |
The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. |
2022-12-22 |
not yet calculated |
CVE-2022-34484 MISC MISC MISC MISC |
mozilla — firefox |
Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102. |
2022-12-22 |
not yet calculated |
CVE-2022-34485 MISC MISC |
ibm — security_verify_governance_identity_manager |
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user’s access request using man-in-the-middle techniques. IBM X-Force ID: 231096. |
2022-12-22 |
not yet calculated |
CVE-2022-35646 MISC MISC |
nokia — fastmile |
Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to read any named pipe file on the system. |
2022-12-21 |
not yet calculated |
CVE-2022-36221 MISC |
nokia — fastmile |
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface. |
2022-12-21 |
not yet calculated |
CVE-2022-36222 MISC |
mozilla — multiple_products |
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. |
2022-12-22 |
not yet calculated |
CVE-2022-36314 MISC MISC MISC MISC |
mozilla — firefox |
When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox < 103. |
2022-12-22 |
not yet calculated |
CVE-2022-36315 MISC MISC |
mozilla — firefox |
When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox < 103. |
2022-12-22 |
not yet calculated |
CVE-2022-36316 MISC MISC |
mozilla — firefox |
When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 103. |
2022-12-22 |
not yet calculated |
CVE-2022-36317 MISC MISC |
mozilla — multiple_products |
When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. |
2022-12-22 |
not yet calculated |
CVE-2022-36318 MISC MISC MISC MISC MISC MISC |
mozilla — multiple_products |
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. |
2022-12-22 |
not yet calculated |
CVE-2022-36319 MISC MISC MISC MISC MISC MISC |
mozilla — firefox |
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 103. |
2022-12-22 |
not yet calculated |
CVE-2022-36320 MISC MISC |
talos — openimageio_master-branch |
A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensitive information leak. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-36354 MISC |
rockwell_automation — logix_controllers |
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation. |
2022-12-19 |
not yet calculated |
CVE-2022-3752 MISC |
grub2 — grub2 |
When rendering certain unicode sequences, grub2’s font code doesn’t proper validate if the informed glyph’s width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2’s heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded. |
2022-12-19 |
not yet calculated |
CVE-2022-3775 MISC |
wordpress — wordpress |
The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX actions in versions up to, and including, 2.5.6. Authenticated users can use an easily available nonce value to create header templates and make additional changes to the site, as the plugin does not use capability checks for this purpose. |
2022-12-22 |
not yet calculated |
CVE-2022-3794 MISC MISC MISC |
wordpress — wordpress |
The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to update the MailChimp API key, global styles, 404 page settings, and enabled elements. |
2022-12-22 |
not yet calculated |
CVE-2022-3805 MISC MISC MISC |
talos — openstack_kolla_git_master |
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges. |
2022-12-21 |
not yet calculated |
CVE-2022-38060 MISC |
talos — openstack_kolla_git_master |
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead increased privileges. |
2022-12-21 |
not yet calculated |
CVE-2022-38065 MISC |
talos — openimageio |
A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-38143 MISC |
mozilla — multiple_products |
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. |
2022-12-22 |
not yet calculated |
CVE-2022-38472 MISC MISC MISC MISC MISC MISC |
mozilla — multiple_products |
A cross-origin iframe referencing an XSLT document would inherit the parent domain’s permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. |
2022-12-22 |
not yet calculated |
CVE-2022-38473 MISC MISC MISC MISC MISC MISC |
mozilla — firefox_for_android |
A website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt – it only affects the notification shown once permission has been granted. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 104. |
2022-12-22 |
not yet calculated |
CVE-2022-38474 MISC MISC |
mozilla — firefox |
An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox < 104. |
2022-12-22 |
not yet calculated |
CVE-2022-38475 MISC MISC |
mozilla — multiple_products |
A data race could occur in the PK11_ChangePW function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2. |
2022-12-22 |
not yet calculated |
CVE-2022-38476 MISC MISC MISC |
mozilla — multiple_products |
Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104. |
2022-12-22 |
not yet calculated |
CVE-2022-38477 MISC MISC MISC MISC |
mozilla — multiple_products |
Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. |
2022-12-22 |
not yet calculated |
CVE-2022-38478 MISC MISC MISC MISC MISC MISC |
zyxel — zyxel_nbg7510 |
A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode. |
2022-12-21 |
not yet calculated |
CVE-2022-38546 CONFIRM |
hcl_technologies — bigfix_webui |
BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site. |
2022-12-21 |
not yet calculated |
CVE-2022-38655 MISC |
hcl_technologies — bigfix_webui |
BigFix deployments that have installed the Notification Service on Windows are susceptible to disclosing SMTP BigFix operator’s sensitive data in clear text. Operators who use Notification Service related content from BES Support are at risk of leaving their SMTP sensitive data exposed. |
2022-12-24 |
not yet calculated |
CVE-2022-38658 MISC |
netapp — oncommand_insight |
OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component. |
2022-12-20 |
not yet calculated |
CVE-2022-38733 MISC |
modzero — click_studios |
A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This vulnerability affects unknown code of the component API. The manipulation leads to authentication bypass by assumed-immutable data. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216244. |
2022-12-19 |
not yet calculated |
CVE-2022-3875 MISC MISC MISC |
micro_focus — zenworks_2020 |
A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions (e.g., install a bundle) on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone but which are outside the scope of the administrator. This vulnerability does not result in the administrators gaining additional rights on the managed devices, either in the scope or outside the scope of the administrator. |
2022-12-23 |
not yet calculated |
CVE-2022-38757 MISC MISC MISC |
modzero — click_studios |
A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This issue affects some unknown processing of the file /api/browserextension/UpdatePassword/ of the component API. The manipulation of the argument PasswordID leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216245 was assigned to this vulnerability. |
2022-12-19 |
not yet calculated |
CVE-2022-3876 MISC MISC MISC |
modzero — click_studios |
A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected is an unknown function of the component URL Field Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-216246 is the identifier assigned to this vulnerability. |
2022-12-19 |
not yet calculated |
CVE-2022-3877 MISC MISC MISC |
d-link — dap |
D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header. |
2022-12-20 |
not yet calculated |
CVE-2022-38873 MISC MISC |
ibm — aix_vios |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 235181. |
2022-12-23 |
not yet calculated |
CVE-2022-39164 MISC MISC |
ibm — aix_vios |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service. IBM X-Force ID: 235183. |
2022-12-23 |
not yet calculated |
CVE-2022-39165 MISC MISC |
ghinstallation — ghinstallation |
ghinstallation provides transport, which implements http.RoundTripper to provide authentication as an installation for GitHub Apps. In ghinstallation version 1, when the request to refresh an installation token failed, the HTTP request and response would be returned for debugging. The request contained the bearer JWT for the App, and was returned back to clients. This token is short lived (10 minute maximum). This issue has been patched and is available in version 2.0.0. |
2022-12-20 |
not yet calculated |
CVE-2022-39304 MISC MISC MISC MISC |
typora — typora |
Cross Site Scripting (XSS) vulnerability in typora through 1.38 allows remote attackers to run arbitrary code via export from editor. |
2022-12-23 |
not yet calculated |
CVE-2022-40011 MISC MISC MISC |
apache — karaf |
This vulnerable is about a potential code injection when an attacker has control of the target LDAP server using in the JDBC JNDI URL. The function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils#doCreateDatasource use InitialContext.lookup(jndiName) without filtering. An user can modify `options.put(JDBCUtils.DATASOURCE, “osgi:” + DataSource.class.getName());` to `options.put(JDBCUtils.DATASOURCE,”jndi:rmi://x.x.x.x:xxxx/Command”);` in JdbcLoginModuleTest#setup. This is vulnerable to a remote code execution (RCE) attack when a configuration uses a JNDI LDAP data source URI when an attacker has control of the target LDAP server.This issue affects all versions of Apache Karaf up to 4.4.1 and 4.3.7. We encourage the users to upgrade to Apache Karaf at least 4.4.2 or 4.3.8 |
2022-12-21 |
not yet calculated |
CVE-2022-40145 MISC |
ibm — aix_vios |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 235599. |
2022-12-23 |
not yet calculated |
CVE-2022-40233 MISC MISC |
softr — softr |
Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page. |
2022-12-19 |
not yet calculated |
CVE-2022-40434 MISC MISC MISC |
sourcecodester — employee_performance_evaluation_system |
Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module. |
2022-12-19 |
not yet calculated |
CVE-2022-40435 MISC MISC MISC |
pfSense — pfBlockerNG |
pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814. |
2022-12-20 |
not yet calculated |
CVE-2022-40624 MISC MISC MISC |
ndk_design — ndkadvancedcustomizationfields |
A cross-site scripting (XSS) vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the “htmlNodes” parameter. |
2022-12-21 |
not yet calculated |
CVE-2022-40841 MISC MISC |
pypa — setuptools |
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. |
2022-12-23 |
not yet calculated |
CVE-2022-40897 MISC MISC CONFIRM MISC MISC |
pypa — wheel |
An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. |
2022-12-23 |
not yet calculated |
CVE-2022-40898 MISC MISC MISC |
pythoncharmers — python_future |
An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. |
2022-12-23 |
not yet calculated |
CVE-2022-40899 MISC MISC MISC MISC |
mozilla — firefox_esr_thunderbird |
When injecting an HTML base element, some requests would ignore the CSP’s base-uri settings and accept the injected element’s base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. |
2022-12-22 |
not yet calculated |
CVE-2022-40956 MISC MISC MISC MISC |
mozilla — firefox_esr_thunderbird |
Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash. *This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. |
2022-12-22 |
not yet calculated |
CVE-2022-40957 MISC MISC MISC MISC |
mozilla — firefox_esr_thunderbird |
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. |
2022-12-22 |
not yet calculated |
CVE-2022-40958 MISC MISC MISC MISC |
mozilla — firefox_esr_thunderbird |
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. |
2022-12-22 |
not yet calculated |
CVE-2022-40959 MISC MISC MISC MISC |
mozilla — firefox_esr_thunderbird |
Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. |
2022-12-22 |
not yet calculated |
CVE-2022-40960 MISC MISC MISC MISC |
mozilla — firefox_for_android |
During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash. *This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 105. |
2022-12-22 |
not yet calculated |
CVE-2022-40961 MISC MISC |
mozilla — multiple_products |
Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. |
2022-12-22 |
not yet calculated |
CVE-2022-40962 MISC MISC MISC MISC |
ibm — aix_and_vios |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690. |
2022-12-23 |
not yet calculated |
CVE-2022-41290 MISC MISC |
blogengine — blogengine.net |
An issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs of BlogEngine.NET v3.3.8.0 allows attackers to execute arbitrary code via uploading a crafted PNG file. |
2022-12-19 |
not yet calculated |
CVE-2022-41418 MISC MISC MISC |
harmonyos — harmonyos |
Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability. |
2022-12-20 |
not yet calculated |
CVE-2022-41590 MISC |
harmonyos — harmonyos |
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files. |
2022-12-20 |
not yet calculated |
CVE-2022-41591 MISC MISC |
openimageio — openimageio |
A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41639 MISC |
openimageio — openimageio |
A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41649 MISC |
ghost — ghost_foundation_ghost |
An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41654 MISC CONFIRM |
openimageio — openimageio |
A heap out of bounds read vulnerability exists in the OpenImageIO master-branch-9aeece7a when parsing the image file directory part of a PSD image file. A specially-crafted .psd file can cause a read of arbitrary memory address which can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41684 MISC |
ghost — ghost_foundation_ghost |
A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41697 MISC |
openimageio — openimageio |
A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41794 MISC |
openimageio — openimageio_project_openimageio |
An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted exif metadata can lead to stack-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41837 MISC |
openimageio — openimageio_project_openimageio |
A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41838 MISC |
openimageio — openimageio |
An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41977 MISC |
openimageio — openimageio |
A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41981 MISC |
openimageio — openimageio_project_openimageio |
An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41988 MISC |
openimageio — openimageio_project_openimageio |
A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A specially-crafted .dds can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-41999 MISC |
wfs_inc — heavenburnsred |
WFS, Inc HeavenBurnsRed 2020.3.15.7141260 is vulnerable to Local Privilege Escalation. |
2022-12-20 |
not yet calculated |
CVE-2022-42046 MISC |
hcl_technology — big_fix |
There are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script. |
2022-12-19 |
not yet calculated |
CVE-2022-42453 MISC |
hcl_technology — big_fix |
Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure. This requires privileged network access. |
2022-12-21 |
not yet calculated |
CVE-2022-42454 MISC |
devolutions — remote_desktop_manager |
Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application. |
2022-12-21 |
not yet calculated |
CVE-2022-4287 MISC |
mozilla — multiple_products |
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries() . This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106. |
2022-12-22 |
not yet calculated |
CVE-2022-42927 MISC MISC MISC MISC |
mozilla — multiple_products |
Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106. |
2022-12-22 |
not yet calculated |
CVE-2022-42928 MISC MISC MISC MISC |
mozilla — multiple_products |
If a website called window.print() in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user’s session restore settings. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106. |
2022-12-22 |
not yet calculated |
CVE-2022-42929 MISC MISC MISC MISC |
mozilla — firefox_for_android |
If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the ThirdPartyUtil component. This vulnerability affects Firefox < 106. |
2022-12-22 |
not yet calculated |
CVE-2022-42930 MISC MISC |
mozilla — firefox_for_android |
Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106. |
2022-12-22 |
not yet calculated |
CVE-2022-42931 MISC MISC |
mozilla — multiple_products |
Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106. |
2022-12-22 |
not yet calculated |
CVE-2022-42932 MISC MISC MISC MISC |
autodesk — dwg_trueviewtm_2023 |
DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system. |
2022-12-19 |
not yet calculated |
CVE-2022-42945 MISC |
autodesk — multiple_products |
Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 to read beyond allocated buffer. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. |
2022-12-19 |
not yet calculated |
CVE-2022-42946 MISC |
autodesk — multiple_products |
A maliciously crafted X_B file when parsed through Autodesk Maya 2023 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. |
2022-12-19 |
not yet calculated |
CVE-2022-42947 MISC |
silverstripe — subsites |
Silverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions. |
2022-12-21 |
not yet calculated |
CVE-2022-42949 MISC MISC |
inhabit — pty_ltd_move_crm |
Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting (XSS) vulnerability via the User profile component. |
2022-12-22 |
not yet calculated |
CVE-2022-43271 CONFIRM MISC |
ibm — multiple_products |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX NFS kernel extension to cause a denial of service. IBM X-Force ID: 238640. |
2022-12-23 |
not yet calculated |
CVE-2022-43380 MISC MISC |
ibm — multiple_products |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639. |
2022-12-23 |
not yet calculated |
CVE-2022-43381 MISC MISC |
plusmessage_app — multiple_products |
KDDI +Message App, NTT DOCOMO +Message App, and SoftBank +Message App contain a vulnerability caused by improper handling of Unicode control characters. +Message App displays text unprocessed, even when control characters are contained, and the text is shown based on Unicode control character’s specifications. Therefore, a crafted text may display misleading web links. As a result, a spoofed URL may be displayed and phishing attacks may be conducted. Affected products and versions are as follows: KDDI +Message App for Android prior to version 3.9.2 and +Message App for iOS prior to version 3.9.4, NTT DOCOMO +Message App for Android prior to version 54.49.0500 and +Message App for iOS prior to version 3.9.4, and SoftBank +Message App for Android prior to version 12.9.5 and +Message App for iOS prior to version 3.9.4 |
2022-12-21 |
not yet calculated |
CVE-2022-43543 MISC MISC MISC MISC |
fedora_36 — curl |
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded. |
2022-12-23 |
not yet calculated |
CVE-2022-43551 MISC MISC |
openimageio — openimageio |
An information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-43592 MISC |
openimageio — openimageio |
A denial of service vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to null pointer dereference. An attacker can provide malicious input to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-43593 MISC |
openimageio — openimageio |
Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files. |
2022-12-22 |
not yet calculated |
CVE-2022-43594 MISC |
openimageio — openimageio |
Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .fits files. |
2022-12-22 |
not yet calculated |
CVE-2022-43595 MISC |
openimageio — openimageio |
An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-43596 MISC |
openimageio — openimageio |
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`. |
2022-12-22 |
not yet calculated |
CVE-2022-43597 MISC |
openimageio — openimageio |
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`. |
2022-12-22 |
not yet calculated |
CVE-2022-43598 MISC |
openimageio — openimageio |
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8` |
2022-12-22 |
not yet calculated |
CVE-2022-43599 MISC |
openimageio — openimageio |
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16` |
2022-12-22 |
not yet calculated |
CVE-2022-43600 MISC |
openimageio — openimageio |
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16` |
2022-12-22 |
not yet calculated |
CVE-2022-43601 MISC |
openimageio — openimageio |
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8` |
2022-12-22 |
not yet calculated |
CVE-2022-43602 MISC |
openimageio — openimageio |
A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability. |
2022-12-22 |
not yet calculated |
CVE-2022-43603 MISC |
ibm — multiple_products
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169. |
2022-12-23 |
not yet calculated |
CVE-2022-43848 MISC MISC |
ibm — multiple_products
|
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX pfcdd kernel extension to cause a denial of service. IBM X-Force ID: 239170. |
2022-12-23 |
not yet calculated |
CVE-2022-43849 MISC MISC |
ibm — navigator_for_i
|
IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks and download log files by modifying servlet filter. IBM X-Force ID: 239301. |
2022-12-22 |
not yet calculated |
CVE-2022-43857 MISC MISC |
ibm — navigator_for_i
|
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to access the file system and download files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks by modifying a parameter thereby gaining access to their files through this interface. IBM X-Force ID: 239303. |
2022-12-22 |
not yet calculated |
CVE-2022-43858 MISC MISC |
ibm — navigator_for_i
|
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION based SQL injection an attacker could see file permissions through this interface. IBM X-Force ID: 239304. |
2022-12-22 |
not yet calculated |
CVE-2022-43859 MISC MISC |
ibm — navigator_for_i |
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information they are authorized to but not while using this interface. By performing an SQL injection an attacker could see user profile attributes through this interface. IBM X-Force ID: 239305. |
2022-12-24 |
not yet calculated |
CVE-2022-43860 MISC MISC |
ibm — financial_transaction-manager |
IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708. |
2022-12-20 |
not yet calculated |
CVE-2022-43872 MISC MISC |
ibm — financial_transaction-manager |
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034. |
2022-12-20 |
not yet calculated |
CVE-2022-43875 MISC MISC |
pdftojson commit 94204bb — pdftojson commit 94204bb |
pdftojson commit 94204bb was discovered to contain a stack overflow via the component Object::copy(Object*):Object.cc. |
2022-12-19 |
not yet calculated |
CVE-2022-44108 MISC MISC |
pdftojson commit 94204bb — pdftojson commit 94204bb |
pdftojson commit 94204bb was discovered to contain a stack overflow via the component Stream::makeFilter(char*, Stream*, Object*, int). |
2022-12-19 |
not yet calculated |
CVE-2022-44109 MISC MISC |
otrs — otrs |
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. |
2022-12-19 |
not yet calculated |
CVE-2022-4427 MISC |
zenphoto — zenphoto |
Stored cross-site scripting vulnerability in Zenphoto versions prior to 1.6 allows remote a remote authenticated attacker with an administrative privilege to inject an arbitrary script. |
2022-12-21 |
not yet calculated |
CVE-2022-44449 MISC MISC MISC |
uisp_wireless– multiple_products |
An improper access validation vulnerability exists in airMAX AC <8.7.11, airFiber 60/LR <2.6.2, airFiber 60 XG/HD <v1.0.0 and airFiber GBE <1.4.1 that allows a malicious actor to retrieve status and usage data from the UISP device. |
2022-12-23 |
not yet calculated |
CVE-2022-44565 MISC |
rocket.chat-desktop — rocket.chat-desktop |
A command injection vulnerability exists in Rocket.Chat-Desktop <3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the Rocket.Chat-Desktop-API. |
2022-12-23 |
not yet calculated |
CVE-2022-44567 MISC |
grafana_labs — enterprise_metrics |
A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not be applied when using this policy with the affected versions of the software. This issue affects: Grafana Labs Grafana Enterprise Metrics GEM 1.X versions prior to 1.7.1 on AMD64; GEM 2.X versions prior to 2.3.1 on AMD64. |
2022-12-20 |
not yet calculated |
CVE-2022-44643 MISC MISC |
hcl_software– bigfix_insights_for_vulnerability_remediation |
Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. This may lead to information disclosure. This requires privileged access. |
2022-12-21 |
not yet calculated |
CVE-2022-44756 MISC |
patchelf — patchelf |
Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc. |
2022-12-19 |
not yet calculated |
CVE-2022-44940 MISC |
exuberant_ctags — exuberant_ctags |
A flaw was found in Exuberant Ctags in the way it handles the “-o” option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way. |
2022-12-20 |
not yet calculated |
CVE-2022-4515 MISC |
apache — shardingsphere-proxy |
Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn’t cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apache ShardingSphere 5.3.0. |
2022-12-22 |
not yet calculated |
CVE-2022-45347 MISC |
mozilla — multiple_products |
Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45403 MISC MISC MISC MISC |
mozilla — multiple_products
|
Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45404 MISC MISC MISC MISC |
mozilla — multiple_products |
Freeing arbitrary nsIInputStream ‘s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45405 MISC MISC MISC MISC |
mozilla — multiple_products |
If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45406 MISC MISC MISC MISC |
mozilla — firefox |
If an attacker loaded a font using FontFace() on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45407 MISC MISC |
mozilla — multiple_products |
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45408 MISC MISC MISC MISC |
mozilla — multiple_products |
The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45409 MISC MISC MISC MISC |
mozilla — multiple_products |
When a ServiceWorker intercepted a request with FetchEvent , the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45410 MISC MISC MISC MISC |
mozilla — multiple_products |
Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on fetch() and XMLHttpRequest; however some webservers have implemented non-standard headers such as X-Http-Method-Override that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45411 MISC MISC MISC MISC |
mozilla — multiple_products |
When resolving a symlink such as file:///proc/self/fd/1 , an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. *This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45412 MISC MISC MISC MISC |
mozilla — firefox |
Using the S.browser_fallback_url parameter parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent. *This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45413 MISC MISC |
mozilla — thunderbird |
If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1. |
2022-12-22 |
not yet calculated |
CVE-2022-45414 MISC MISC |
mozilla — firefox |
When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45415 MISC MISC |
mozilla — multiple_products |
Keyboard events reference strings like “KeyA” that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45416 MISC MISC MISC MISC |
mozilla — firefox |
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45417 MISC MISC |
mozilla — multiple_products |
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45418 MISC MISC MISC MISC |
mozilla — firefox |
If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45419 MISC MISC |
mozilla — multiple_products |
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45420 MISC MISC MISC MISC |
mozilla — multiple_products |
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-45421 MISC MISC MISC MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function. |
2022-12-23 |
not yet calculated |
CVE-2022-45706 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function. |
2022-12-23 |
not yet calculated |
CVE-2022-45707 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function. |
2022-12-23 |
not yet calculated |
CVE-2022-45708 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function. |
2022-12-23 |
not yet calculated |
CVE-2022-45709 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function. |
2022-12-23 |
not yet calculated |
CVE-2022-45710 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the hostname parameter in the formSetNetCheckTools function. |
2022-12-23 |
not yet calculated |
CVE-2022-45711 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function. |
2022-12-23 |
not yet calculated |
CVE-2022-45712 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function. |
2022-12-23 |
not yet calculated |
CVE-2022-45714 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function. |
2022-12-23 |
not yet calculated |
CVE-2022-45715 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function. |
2022-12-23 |
not yet calculated |
CVE-2022-45716 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request. |
2022-12-23 |
not yet calculated |
CVE-2022-45717 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function. |
2022-12-23 |
not yet calculated |
CVE-2022-45718 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function. |
2022-12-23 |
not yet calculated |
CVE-2022-45719 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function. |
2022-12-23 |
not yet calculated |
CVE-2022-45720 MISC |
ip-com_m50– ip-com_m50 |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function. |
2022-12-23 |
not yet calculated |
CVE-2022-45721 MISC |
trend_micro — apex_one |
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
2022-12-24 |
not yet calculated |
CVE-2022-45798 MISC MISC |
baijiacms — baijiacms |
A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4. |
2022-12-20 |
not yet calculated |
CVE-2022-45942 MISC MISC |
classcms — classcms |
here is an arbitrary file upload vulnerability in the file management function module of Classcms3.5. |
2022-12-22 |
not yet calculated |
CVE-2022-45966 MISC |
wbce_cms — wbce_cms |
WBCE CMS v1.5.4 can implement getshell by modifying the upload file type. |
2022-12-20 |
not yet calculated |
CVE-2022-46020 MISC |
d-link — dir-869_dir869ax_fw102b15 |
D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi. |
2022-12-20 |
not yet calculated |
CVE-2022-46076 MISC MISC |
sourcecodester — covid-19_directory_on_vaccination_system |
Sourcecodester Covid-19 Directory on Vaccination System 1.0 was discovered to contain a Cross-Site Scripting (XSS) vulnerability via verification.php because the program does not verify the txtvaccinationID parameter. |
2022-12-21 |
not yet calculated |
CVE-2022-46095 MISC MISC |
sourcecodester — covid-19_directory_on_vaccination_system |
A Cross site scripting (XSS) vulnerability in Sourcecodester Online Covid-19 Directory on Vaccination System v1.0 allows attackers to execute arbitrary code via the txtfullname parameter or txtphone parameter to register.php without logging in. |
2022-12-21 |
not yet calculated |
CVE-2022-46096 MISC |
ayacms — ayacms |
AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code. |
2022-12-22 |
not yet calculated |
CVE-2022-46101 MISC |
ayacms — ayacms |
AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php |
2022-12-22 |
not yet calculated |
CVE-2022-46102 MISC |
tp-link — tl-wr940n |
TP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. |
2022-12-20 |
not yet calculated |
CVE-2022-46139 MISC |
codeigniter– codeigniter |
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie. |
2022-12-22 |
not yet calculated |
CVE-2022-46170 MISC MISC |
tauri-apps– tauri |
Tauri is a framework for building binaries for all major desktop platforms. The filesystem glob pattern wildcards `*`, `?`, and `[…]` match file path literals and leading dots by default, which unintentionally exposes sub folder content of allowed paths. Scopes without the wildcards are not affected. As `**` allows for sub directories the behavior there is also as expected. The issue has been patched in the latest release and was backported into the currently supported 1.x branches. There are no known workarounds at the time of publication. |
2022-12-23 |
not yet calculated |
CVE-2022-46171 MISC MISC MISC |
json — json |
JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including version `2.2.1` does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 version 2.2.2 and later. |
2022-12-24 |
not yet calculated |
CVE-2022-46175 MISC MISC MISC |
wordpress — wordpress |
The Sidebar Widgets by CodeLights plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Extra CSS class’ parameter in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. |
2022-12-20 |
not yet calculated |
CVE-2022-4619 MISC MISC |
omron corporation — cx-drive |
Use after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitrary code by having a user to open a specially crafted file, |
2022-12-21 |
not yet calculated |
CVE-2022-46282 MISC |
lirantal– daloradius |
Sensitive Cookie Without ‘HttpOnly’ Flag in GitHub repository lirantal/daloradius prior to master. |
2022-12-21 |
not yet calculated |
CVE-2022-4630 CONFIRM MISC |
wp-ban — wp-ban |
A vulnerability, which was classified as problematic, was found in WP-Ban. Affected is an unknown function of the file ban-options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 22b925449c84faa9b7496abe4f8f5661cb5eb3bf. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216480. |
2022-12-21 |
not yet calculated |
CVE-2022-4631 N/A N/A |
auto_upload_images — auto_upload_images |
A vulnerability has been found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.3.1 is able to address this issue. The name of the patch is 895770ee93887ec78429c78ffdfb865bee6f9436. It is recommended to upgrade the affected component. The identifier VDB-216481 was assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2022-4632 N/A N/A MISC |
auto_upload_images — auto_upload_images |
A vulnerability was found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file src/setting-page.php of the component Settings Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 3.3.1 is able to address this issue. The name of the patch is 895770ee93887ec78429c78ffdfb865bee6f9436. It is recommended to upgrade the affected component. VDB-216482 is the identifier assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2022-4633 N/A N/A MISC |
squirrel — squirrel.windows |
Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer. |
2022-12-21 |
not yet calculated |
CVE-2022-46330 MISC MISC MISC |
proofpoint — enterprise_protection |
Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below. |
2022-12-21 |
not yet calculated |
CVE-2022-46334 MISC |
ep3-bs — ep3-bs |
A vulnerability classified as problematic has been found in ep3-bs up to 1.7.x. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.8.0 is able to address this issue. The name of the patch is ef49e709c8adecc3a83cdc6164a67162991d2213. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216495. |
2022-12-21 |
not yet calculated |
CVE-2022-4637 N/A N/A N/A MISC |
collective.contact.widget — collective.contact.widget |
A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 5da36305ca7ed433782be8901c47387406fcda12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216496. |
2022-12-21 |
not yet calculated |
CVE-2022-4638 N/A N/A |
sslh — sslh |
A vulnerability, which was classified as critical, has been found in sslh. This issue affects the function hexdump of the file probe.c of the component Packet Dumping Handler. The manipulation of the argument msg_info leads to format string. The attack may be initiated remotely. The name of the patch is b19f8a6046b080e4c2e28354a58556bb26040c6f. It is recommended to apply a patch to fix this issue. The identifier VDB-216497 was assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2022-4639 N/A N/A N/A |
microchip — multiple_products |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero. |
2022-12-19 |
not yet calculated |
CVE-2022-46399 CONFIRM MISC MISC MISC |
mingsoft — mcms |
A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499. |
2022-12-21 |
not yet calculated |
CVE-2022-4640 N/A N/A |
microchip — multiple_products |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing. |
2022-12-19 |
not yet calculated |
CVE-2022-46400 CONFIRM MISC MISC MISC |
microchip — multiple_products |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete. |
2022-12-19 |
not yet calculated |
CVE-2022-46401 CONFIRM MISC MISC MISC |
microchip — multiple_products |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values. |
2022-12-19 |
not yet calculated |
CVE-2022-46402 CONFIRM MISC MISC MISC |
microchip — multiple_products |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages. |
2022-12-19 |
not yet calculated |
CVE-2022-46403 CONFIRM MISC MISC MISC |
pig-vector– pig-vector |
A vulnerability was found in pig-vector and classified as problematic. Affected by this issue is the function LogisticRegression of the file src/main/java/org/apache/mahout/pig/LogisticRegression.java. The manipulation leads to insecure temporary file. The attack needs to be approached locally. The name of the patch is 1e7bd9fab5401a2df18d2eabd802adcf0dcf1f15. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216500. |
2022-12-21 |
not yet calculated |
CVE-2022-4641 N/A N/A N/A |
tatoeba2 — tatoeba2 |
A vulnerability was found in tatoeba2. It has been classified as problematic. This affects an unknown part of the component Profile Name Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version prod_2022-10-30 is able to address this issue. The name of the patch is 91110777fc8ddf1b4a2cf4e66e67db69b9700361. It is recommended to upgrade the affected component. The identifier VDB-216501 was assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2022-4642 N/A N/A N/A N/A |
apache — airflow_hive_provider |
Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0. |
2022-12-20 |
not yet calculated |
CVE-2022-46421 MISC MISC |
netgear — wnr2000 |
An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. |
2022-12-20 |
not yet calculated |
CVE-2022-46422 MISC MISC |
netgear — wnr2000 |
An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v1.2.3.7 and earlier. |
2022-12-20 |
not yet calculated |
CVE-2022-46423 MISC MISC |
netgear — xwn5001_powerline_500_wifi_access_point |
An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v0.4.1.1 and earlier. |
2022-12-20 |
not yet calculated |
CVE-2022-46424 MISC MISC |
tp-link — wr1043nd |
TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. |
2022-12-20 |
not yet calculated |
CVE-2022-46428 MISC MISC |
docconv — docconv |
A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdf_ocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1 is able to address this issue. The name of the patch is b19021ade3d0b71c89d35cb00eb9e589a121faa5. It is recommended to upgrade the affected component. VDB-216502 is the identifier assigned to this vulnerability. |
2022-12-21 |
not yet calculated |
CVE-2022-4643 N/A N/A N/A MISC |
tp-link — tl-wr740n |
TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. |
2022-12-20 |
not yet calculated |
CVE-2022-46430 MISC MISC |
tp-link — tl-wr743nd |
An exploitable firmware modification vulnerability was discovered on TP-Link TL-WR743ND V1. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v3.12.20 and earlier. |
2022-12-20 |
not yet calculated |
CVE-2022-46432 MISC MISC |
tp-link — tl-wa7510n |
An issue in the firmware update process of TP-Link TL-WA7510N v1 v3.12.6 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. |
2022-12-20 |
not yet calculated |
CVE-2022-46434 MISC MISC |
tp-link — multiple_products |
An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. |
2022-12-20 |
not yet calculated |
CVE-2022-46435 MISC MISC |
ikus060 — rdiffweb |
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4. |
2022-12-22 |
not yet calculated |
CVE-2022-4644 MISC CONFIRM |
ikus060 — rdiffweb |
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4. |
2022-12-22 |
not yet calculated |
CVE-2022-4646 CONFIRM MISC |
nbnbk — nbnbk |
A Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts. |
2022-12-22 |
not yet calculated |
CVE-2022-46491 MISC |
nbnbk — nbnbk |
nbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary. |
2022-12-23 |
not yet calculated |
CVE-2022-46492 MISC |
nbnbk — nbnbk |
Default version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/download_img. |
2022-12-22 |
not yet calculated |
CVE-2022-46493 MISC |
d-link — dir-882_dir882a1_fw130b06 |
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module. |
2022-12-23 |
not yet calculated |
CVE-2022-46560 MISC MISC |
d-link — dir-882_dir882a1_fw130b06 |
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module. |
2022-12-23 |
not yet calculated |
CVE-2022-46561 MISC MISC |
d-link — dir-882_dir882a1_fw130b06 |
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module. |
2022-12-23 |
not yet calculated |
CVE-2022-46562 MISC MISC |
d-link — dir-882_dir882a1_fw130b06 |
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module. |
2022-12-23 |
not yet calculated |
CVE-2022-46563 MISC MISC |
d-link — dir-882_dir882a1_fw130b06 |
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module. |
2022-12-23 |
not yet calculated |
CVE-2022-46566 MISC MISC |
d-link — dir-882_dir882a1_fw130b06 |
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. |
2022-12-23 |
not yet calculated |
CVE-2022-46568 MISC MISC |
d-link — dir-882_dir882a1_fw130b06 |
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module. |
2022-12-23 |
not yet calculated |
CVE-2022-46569 MISC MISC |
d-link — dir-882_dir882a1_fw130b06 |
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. |
2022-12-23 |
not yet calculated |
CVE-2022-46570 MISC MISC |
linux — linux_kernel |
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. |
2022-12-22 |
not yet calculated |
CVE-2022-4662 MISC MISC |
d-link — dir-846 a1_fw100a43 |
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. |
2022-12-23 |
not yet calculated |
CVE-2022-46641 MISC MISC |
d-link — dir-846 a1_fw100a43 |
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. |
2022-12-23 |
not yet calculated |
CVE-2022-46642 MISC MISC |
ampache — ampache |
Unrestricted Upload of File with Dangerous Type in GitHub repository ampache/ampache prior to 5.5.6. |
2022-12-23 |
not yet calculated |
CVE-2022-4665 CONFIRM MISC |
roxio — creator ljb |
Roxio Creator LJB starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service. The affected product and versions are as follows: Roxio Creator LJB version number 12.2 build number 106B62B, version number 12.2 build number 106B63A, version number 12.2 build number 106B69A, version number 12.2 build number 106B71A, and version number 12.2 build number 106B74A) |
2022-12-21 |
not yet calculated |
CVE-2022-46662 MISC MISC |
ibm — urbancode_deploy |
IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.18, 7.0.5.0 through 7.0.5.13, 7.1.0.0 through 7.1.2.9, 7.2.0.0 through 7.2.3.2 and 7.3.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 242273. |
2022-12-20 |
not yet calculated |
CVE-2022-46771 MISC MISC |
usememos — memos |
Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4683 CONFIRM MISC |
usememos — memos |
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4684 CONFIRM MISC |
usememos — memos |
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4685 CONFIRM MISC |
usememos — memos |
Improper Authentication in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4686 MISC CONFIRM |
usememos — memos |
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4687 CONFIRM MISC |
mozilla — firefox |
An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. |
2022-12-22 |
not yet calculated |
CVE-2022-46871 MISC MISC |
mozilla — multiple_products |
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. *This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. |
2022-12-22 |
not yet calculated |
CVE-2022-46872 MISC MISC MISC MISC |
mozilla — firefox |
Because Firefox did not implement the unsafe-hashes CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document. This vulnerability affects Firefox < 108. |
2022-12-22 |
not yet calculated |
CVE-2022-46873 MISC MISC |
mozilla — multiple_products |
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code. *Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6. |
2022-12-22 |
not yet calculated |
CVE-2022-46874 MISC MISC MISC MISC MISC |
mozilla — multiple_products |
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user’s computer. *Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. |
2022-12-22 |
not yet calculated |
CVE-2022-46875 MISC MISC MISC MISC |
mozilla — firefox |
By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. |
2022-12-22 |
not yet calculated |
CVE-2022-46877 MISC MISC |
mozilla — multiple_products |
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. |
2022-12-22 |
not yet calculated |
CVE-2022-46878 MISC MISC MISC MISC |
mozilla — firefox |
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108. |
2022-12-22 |
not yet calculated |
CVE-2022-46879 MISC MISC |
usememos — memos |
Improper Authorization in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4688 CONFIRM MISC |
mozilla — multiple_products |
A missing check related to tex units could have led to a use-after-free and potentially exploitable crash. *Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6. |
2022-12-22 |
not yet calculated |
CVE-2022-46880 MISC MISC MISC MISC |
mozilla — multiple_products |
An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6. |
2022-12-22 |
not yet calculated |
CVE-2022-46881 MISC MISC MISC MISC |
mozilla — multiple_products |
A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6. |
2022-12-22 |
not yet calculated |
CVE-2022-46882 MISC MISC MISC MISC |
mozilla — firefox |
Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. *Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107. |
2022-12-22 |
not yet calculated |
CVE-2022-46883 MISC MISC |
mozilla — firefox |
Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106. |
2022-12-22 |
not yet calculated |
CVE-2022-46885 MISC MISC |
usememos — memos |
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4689 CONFIRM MISC |
usememos — memos |
Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4690 CONFIRM MISC |
tp-link — multiple_products |
An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. |
2022-12-20 |
not yet calculated |
CVE-2022-46910 MISC MISC |
tp-link — multiple_products |
An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. |
2022-12-20 |
not yet calculated |
CVE-2022-46912 MISC MISC |
tp-link — multiple_products |
An issue in the firmware update process of TP-LINK TL-WA801N / TL-WA801ND V1 v3.12.16 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. |
2022-12-20 |
not yet calculated |
CVE-2022-46914 MISC MISC |
usememos — memos |
Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.0. |
2022-12-23 |
not yet calculated |
CVE-2022-4692 CONFIRM MISC |
wordpress — wordpress |
The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_user_cover_default_image_url’ parameter in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. |
2022-12-23 |
not yet calculated |
CVE-2022-4697 MISC MISC |
wordpress — wordpress |
The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several form fields in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. |
2022-12-23 |
not yet calculated |
CVE-2022-4698 MISC MISC |
solarwinds– hybrid_cloud_observability |
Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected |
2022-12-19 |
not yet calculated |
CVE-2022-47512 MISC MISC |
f-secure_safe_browser — f-secure_safe_browser |
F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. |
2022-12-23 |
not yet calculated |
CVE-2022-47524 CONFIRM |
gossipsub — gossipsub |
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages. |
2022-12-19 |
not yet calculated |
CVE-2022-47547 MISC |
optee_os — optee_os |
An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault injections. |
2022-12-19 |
not yet calculated |
CVE-2022-47549 MISC MISC |
apiman — apiman |
Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project’s accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before 3.0.0.Final. Because of this, 3.0.0.Final is not affected by the vulnerability. |
2022-12-20 |
not yet calculated |
CVE-2022-47551 MISC MISC |
zoho — manageengine_device_control_plus |
An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions by making use of a virtual machine (VM). This allows a file to be exchanged outside the laptop/system. VMs can be created by any user (even without admin rights). The data exfiltration can occur without any record in the audit trail of Windows events on the host machine. |
2022-12-20 |
not yet calculated |
CVE-2022-47577 MISC MISC |
zoho — manageengine_device_control_plus |
An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions by booting into Safe Mode. This allows a file to be exchanged outside the laptop/system. Safe Mode can be launched by any user (even without admin rights). Data exfiltration can occur, and also malware might be introduced onto the system. |
2022-12-20 |
not yet calculated |
CVE-2022-47578 MISC MISC |
isode_m-vault — isode_m-vault |
Isode M-Vault 16.0v0 through 17.x before 17.0v24 can crash upon an LDAP v1 bind request. |
2022-12-21 |
not yet calculated |
CVE-2022-47581 MISC |
libksba — libksba |
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. |
2022-12-20 |
not yet calculated |
CVE-2022-47629 MISC MISC DEBIAN MLIST |
kyverno — kyverno |
An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases. |
2022-12-23 |
not yet calculated |
CVE-2022-47633 MISC MISC MISC CONFIRM MISC |
wildix_wms — wildix_wms |
Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows Server-side request forgery (SSRF) via ZohoClient.php. |
2022-12-21 |
not yet calculated |
CVE-2022-47635 CONFIRM |
jetbrains — intellij-idea |
In JetBrains IntelliJ IDEA before 2022.3.1 the “Validate JSP File” action used the HTTP protocol to download required JAR files. |
2022-12-22 |
not yet calculated |
CVE-2022-47895 MISC |
jetbrains — intellij-idea |
In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks. |
2022-12-22 |
not yet calculated |
CVE-2022-47896 MISC |
ayacms — ayacms |
AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php |
2022-12-22 |
not yet calculated |
CVE-2022-47926 MISC |
misp — misp |
In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp. |
2022-12-22 |
not yet calculated |
CVE-2022-47928 MISC |
io_finnet_tss-lib — io_finnet_tss-lib |
IO FinNet tss-lib before 2.0.0 allows a collision of hash values. |
2022-12-23 |
not yet calculated |
CVE-2022-47931 MISC MISC |
brave_browser — brave_browser |
Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933. |
2022-12-24 |
not yet calculated |
CVE-2022-47932 MISC MISC MISC MISC |
brave_browser — brave_browser |
Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest_IPFSRedirectWork() in ipfs_redirect_network_delegate_helper.cc. |
2022-12-24 |
not yet calculated |
CVE-2022-47933 MISC MISC MISC MISC MISC |
brave_browser — brave_browser |
Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by an incomplete fix for CVE-2022-47932 and CVE-2022-47934. |
2022-12-24 |
not yet calculated |
CVE-2022-47934 MISC MISC MISC MISC MISC |
linux — ksmbd |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT. |
2022-12-23 |
not yet calculated |
CVE-2022-47938 MISC MISC MISC MLIST |
linux — ksmbd |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT. |
2022-12-23 |
not yet calculated |
CVE-2022-47939 MISC MISC MISC MLIST |
linux — ksmbd |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write. |
2022-12-23 |
not yet calculated |
CVE-2022-47940 MISC MISC MISC MLIST |
linux — ksmbd |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak. |
2022-12-23 |
not yet calculated |
CVE-2022-47941 MISC MISC MISC MLIST |
linux — ksmbd |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. |
2022-12-23 |
not yet calculated |
CVE-2022-47942 MISC MISC MISC MLIST |
linux — ksmbd |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case. |
2022-12-23 |
not yet calculated |
CVE-2022-47943 MISC MISC MISC MLIST |
thinkphp_framework — thinkphp_framework |
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php. |
2022-12-23 |
not yet calculated |
CVE-2022-47945 MISC MISC MISC |
linux — kernel |
An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq. |
2022-12-23 |
not yet calculated |
CVE-2022-47946 MISC MISC |
nintendo — networkbuffer |
The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execute arbitrary code via a large UDP packet that causes a buffer overflow, aka ENLBufferPwn. The victim must join a game session with the attacker. Other affected products include Mario Kart 7 before 1.2, Mario Kart 8, Mario Kart 8 Deluxe before 2.1.0, ARMS before 5.4.1, Splatoon, Splatoon 2 before 5.5.1, Splatoon 3 before late 2022, Super Mario Maker 2 before 3.0.2, and Nintendo Switch Sports before late 2022. |
2022-12-24 |
not yet calculated |
CVE-2022-47949 MISC |
Recent Comments