Total
261 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-0031 | 2 Linux, Paloaltonetworks | 2 Linux Kernel, Cortex Xsoar | 2022-11-10 | N/A | 6.7 MEDIUM |
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges. | |||||
CVE-2022-27513 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2022-11-09 | N/A | 9.6 CRITICAL |
Remote desktop takeover via phishing | |||||
CVE-2019-8921 | 3 Bluez, Debian, Linux | 3 Bluez, Debian Linux, Linux Kernel | 2022-11-07 | 3.3 LOW | 6.5 MEDIUM |
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrary heap data. The root cause can be found in the function service_attr_req of sdpd-request.c. The server does not check whether the CSTATE data is the same in consecutive requests, and instead simply trusts that it is the same. | |||||
CVE-2022-26122 | 1 Fortinet | 3 Antivirus Engine, Fortimail, Fortios | 2022-11-04 | N/A | 8.6 HIGH |
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64. | |||||
CVE-2021-38396 | 1 Bostonscientific | 2 Zoom Latitude Pogrammer\/recorder\/monitor 3120, Zoom Latitude Pogrammer\/recorder\/monitor 3120 Firmware | 2022-10-27 | 4.6 MEDIUM | 6.8 MEDIUM |
The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB. | |||||
CVE-2022-20829 | 1 Cisco | 25 Adaptive Security Device Manager, Asa 5512-x, Asa 5512-x Firmware and 22 more | 2022-10-26 | 9.0 HIGH | 7.2 HIGH |
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability. | |||||
CVE-2022-34845 | 1 Robustel | 2 R1510, R1510 Firmware | 2022-10-25 | N/A | 2.7 LOW |
A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
CVE-2022-24889 | 1 Nextcloud | 1 Nextcloud Server | 2022-10-25 | 4.3 MEDIUM | 4.3 MEDIUM |
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 21.0.8, 22.2.4, and 23.0.1, it is possible to trick administrators into enabling "recommended" apps for the Nextcloud server that they do not need, thus expanding their attack surface unnecessarily. This issue is fixed in versions 21.0.8 , 22.2.4, and 23.0.1. | |||||
CVE-2020-16122 | 2 Canonical, Packagekit Project | 2 Ubuntu Linux, Packagekit | 2022-10-21 | 2.1 LOW | 7.8 HIGH |
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages. | |||||
CVE-2021-43616 | 3 Fedoraproject, Netapp, Npmjs | 3 Fedora, Next Generation Application Programming Interface, Npm | 2022-10-17 | 7.5 HIGH | 9.8 CRITICAL |
** DISPUTED ** The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have been blocked by an exact version match requirement in package-lock.json. NOTE: The npm team believes this is not a vulnerability. It would require someone to socially engineer package.json which has different dependencies than package-lock.json. That user would have to have file system or write access to change dependencies. The npm team states preventing malicious actors from socially engineering or gaining file system access is outside the scope of the npm CLI. | |||||
CVE-2022-36360 | 1 Siemens | 4 Logo\!8 Bm, Logo\!8 Bm Fs-05, Logo\!8 Bm Fs-05 Firmware and 1 more | 2022-10-12 | N/A | 7.5 HIGH |
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker to manipulate a firmware update and flash it to the device. | |||||
CVE-2020-27670 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2022-10-07 | 6.9 MEDIUM | 7.8 HIGH |
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. | |||||
CVE-2021-20267 | 2 Openstack, Redhat | 2 Neutron, Openstack Platform | 2022-10-06 | 5.5 MEDIUM | 7.1 HIGH |
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected. | |||||
CVE-2020-6443 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-06 | 6.8 MEDIUM | 8.8 HIGH |
Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page. | |||||
CVE-2022-2255 | 2 Debian, Modwsgi | 2 Debian Linux, Mod Wsgi | 2022-09-30 | N/A | 7.5 HIGH |
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing. | |||||
CVE-2022-36130 | 1 Hashicorp | 1 Boundary | 2022-09-09 | N/A | 9.9 CRITICAL |
HashiCorp Boundary up to 0.10.1 did not properly perform data integrity checks to ensure the resources were associated with the correct scopes, allowing potential privilege escalation for authorized users of another scope. Fixed in Boundary 0.10.2. | |||||
CVE-2022-38625 | 1 Patlite | 6 Nbm-d88n, Nbm-d88n Firmware, Nhl-3fb1 and 3 more | 2022-09-02 | N/A | 8.8 HIGH |
** DISPUTED ** Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. This vulnerability allows authenticated attackers to create and upload their own custom-built firmware and inject malicious code. NOTE: the vendor's position is that this is a design choice, not a vulnerability. | |||||
CVE-2021-4122 | 1 Cryptsetup Project | 1 Cryptsetup | 2022-08-29 | N/A | 4.3 MEDIUM |
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium. | |||||
CVE-2022-2793 | 1 Emerson | 1 Electric\'s Proficy | 2022-08-24 | N/A | 7.8 HIGH |
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol. | |||||
CVE-2022-2789 | 1 Emerson | 1 Electric\'s Proficy | 2022-08-23 | N/A | 5.5 MEDIUM |
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic. |