โผ CVE-2022-0844 โผ
๐ Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2442 โผ
๐ Read
via "National Vulnerability Database".
The Migration, Backup, Staging รขโฌโ WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path' parameter in versions up to, and including 0.9.74. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-25308 โผ
๐ Read
via "National Vulnerability Database".
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-36038 โผ
๐ Read
via "National Vulnerability Database".
CircuitVerse is an open-source platform which allows users to construct digital logic circuits online. A remote code execution (RCE) vulnerability in CircuitVerse allows authenticated attackers to execute arbitrary code via specially crafted JSON payloads. This issue may lead to Remote Code Execution (RCE). A patch is available in commit number 7b3023a99499a7675f10f2c1d9effdf10c35fb6e. There are currently no known workarounds.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-36670 โผ
๐ Read
via "National Vulnerability Database".
PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2717 โผ
๐ Read
via "National Vulnerability Database".
The JoomSport รขโฌโ for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-events-form page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrative privileges, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-36042 โผ
๐ Read
via "National Vulnerability Database".
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 556ca2f9eef01ec0f4a76d1fbacfcf3a87a44810 contains a patch.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-36032 โผ
๐ Read
via "National Vulnerability Database".
ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like `__Host-` and `__Secure-` confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. This issue is fixed in ReactPHP HTTP version 1.7.0. As a workaround, Infrastructure or DevOps can place a reverse proxy in front of the ReactPHP HTTP server to filter out any unexpected `Cookie` request headers.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-1260 โผ
๐ Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26463 โผ
๐ Read
via "National Vulnerability Database".
In vow, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032686; Issue ID: ALPS07032686.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26465 โผ
๐ Read
via "National Vulnerability Database".
In audio ipi, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558799; Issue ID: ALPS06558799.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26470 โผ
๐ Read
via "National Vulnerability Database".
In aie, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07116037; Issue ID: ALPS07116037.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-35931 โผ
๐ Read
via "National Vulnerability Database".
Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Prior to versions 22.2.10, 23.0.7, and 24.0.3 the random password generator may, in very rare cases, generate common passwords that the validator itself would block. Upgrade Nextcloud Server to 22.2.10, 23.0.7 or 24.0.3 to receive a patch for the issue in Password Policy. There are no known workarounds available.๐ Read
via "National Vulnerability Database".
๐1
โผ CVE-2022-23684 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Successful exploitation of this vulnerability allows an attacker to escalate privileges beyond their authorized level in ArubaOS-CX Switches version(s): AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX 10.08.xxxx: 10.08.1060 and below, AOS-CX 10.06.xxxx: 10.06.0200 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2516 โผ
๐ Read
via "National Vulnerability Database".
The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post/page 'Title' value in versions up to, and including, 45.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with access to the visual composer editor to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26462 โผ
๐ Read
via "National Vulnerability Database".
In vow, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032660; Issue ID: ALPS07032660.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26450 โผ
๐ Read
via "National Vulnerability Database".
In apusys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177801; Issue ID: ALPS07177801.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2935 โผ
๐ Read
via "National Vulnerability Database".
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Media Image URL value that can be added to an Image Hover in versions up to, and including, 9.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, the plugin only allows administrators access to edit Image Hovers, however, if a site admin makes the plugin's features available to lower privileged users through the 'Who Can Edit?' setting then this can be exploited by those users.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26449 โผ
๐ Read
via "National Vulnerability Database".
In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177810; Issue ID: ALPS07177810.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26469 โผ
๐ Read
via "National Vulnerability Database".
In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-43565 โผ
๐ Read
via "National Vulnerability Database".
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.๐ Read
via "National Vulnerability Database".