Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-39063 | 1 Open5gs | 1 Open5gs | 2022-09-21 | N/A | 7.5 HIGH |
| When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data from incoming message to struct f_teid without checking the maximum length. If the pdi.local_f_teid.len exceeds the maximum length of the struct of f_teid, the memcpy() overwrites the fields (e.g., f_teid_len) after f_teid in the pdr struct. After parsing the request, the UPF starts to build a response. The f_teid_len with its overwritten value is used as a length for memcpy(). A segmentation fault occurs, as a result of a memcpy(), if this overwritten value is large enough. | |||||
| CVE-2022-1580 | 1 Freehtmldesigns | 1 Site Offline | 2022-09-21 | N/A | 4.3 MEDIUM |
| The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users from accessing a website but does not do so if the URL contained certain keywords. Adding those keywords to the URL's query string would bypass the plugin's main feature. | |||||
| CVE-2022-29240 | 1 Scylladb | 1 Scylla | 2022-09-21 | N/A | 8.1 HIGH |
| Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. When decompressing CQL frame received from user, Scylla assumes that user-provided uncompressed length is correct. If user provides fake length, that is greater than the real one, part of decompression buffer won't be overwritten, and will be left uninitialized. This can be exploited in several ways, depending on the privileges of the user. 1. The main exploit is that an attacker with access to CQL port, but no user account, can bypass authentication, but only if there are other legitimate clients making connections to the cluster, and they use LZ4. 2. Attacker that already has a user account on the cluster can read parts of uninitialized memory, which can contain things like passwords of other users or fragments of other queries / results, which leads to authorization bypass and sensitive information disclosure. The bug has been patched in the following versions: Scylla Enterprise: 2020.1.14, 2021.1.12, 2022.1.0. Scylla Open Source: 4.6.7, 5.0.3. Users unable to upgrade should make sure none of their drivers connect to cluster using LZ4 compression, and that Scylla CQL port is behind firewall. Additionally make sure no untrusted client can connect to Scylla, by setting up authentication and applying workarounds from previous point (firewall, no lz4 compression). | |||||
| CVE-2022-38621 | 1 Doufox | 1 Doufox | 2022-09-21 | N/A | 9.8 CRITICAL |
| Doufox v0.0.4 was discovered to contain a remote code execution (RCE) vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2022-39010 | 1 Huawei | 2 Emui, Harmonyos | 2022-09-21 | N/A | 7.5 HIGH |
| The HwChrService module has a vulnerability in permission control. Successful exploitation of this vulnerability may cause disclosure of user network information. | |||||
| CVE-2022-39009 | 1 Huawei | 2 Emui, Harmonyos | 2022-09-21 | N/A | 9.8 CRITICAL |
| The WLAN module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause third-party apps to affect WLAN functions. | |||||
| CVE-2022-39008 | 1 Huawei | 2 Emui, Harmonyos | 2022-09-21 | N/A | 9.1 CRITICAL |
| The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps. | |||||
| CVE-2022-40142 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-09-21 | N/A | 7.8 HIGH |
| A security link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service agents could allow a local attacker to create a writable folder in an arbitrary location and escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-40755 | 1 Jasper Project | 1 Jasper | 2022-09-21 | N/A | 5.5 MEDIUM |
| JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in libjasper/base/jas_image.c. | |||||
| CVE-2022-39007 | 1 Huawei | 2 Emui, Harmonyos | 2022-09-21 | N/A | 9.8 CRITICAL |
| The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation. | |||||
| CVE-2022-40143 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-09-21 | N/A | 7.3 HIGH |
| A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service servers could allow a local attacker to abuse an insecure directory that could allow a low-privileged user to run arbitrary code with elevated privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-40144 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-09-21 | N/A | 9.8 CRITICAL |
| A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product’s login authentication by falsifying request parameters on affected installations. | |||||
| CVE-2022-3217 | 1 Visam | 1 Vbase | 2022-09-21 | N/A | 7.5 HIGH |
| When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials. | |||||
| CVE-2022-3142 | 1 Basixonline | 1 Nex-forms | 2022-09-21 | N/A | 8.8 HIGH |
| The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before using it in SQL statements, leading to SQL injections. The attack can be executed by anyone who is permitted to view the forms statistics chart, by default administrators, however can be configured otherwise via the plugin settings. | |||||
| CVE-2022-3141 | 1 Cozmoslabs | 1 Translatepress | 2022-09-21 | N/A | 8.8 HIGH |
| The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language (via the settings page) containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected. | |||||
| CVE-2022-35701 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-09-21 | N/A | 7.8 HIGH |
| Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-35700 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-09-21 | N/A | 7.8 HIGH |
| Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-35703 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-09-21 | N/A | 7.8 HIGH |
| Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-35702 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-09-21 | N/A | 7.8 HIGH |
| Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-35706 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-09-21 | N/A | 7.8 HIGH |
| Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||