Les dernières vulnérabilités publiées sur la National Vulnerability Database (NVD)

CVE-2022-1813 - OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0.
22/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1813
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1809 - Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1809
Partager : LinkedIn / Twitter / Facebook

CVE-2022-31268 - A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-31268
Partager : LinkedIn / Twitter / Facebook

CVE-2022-31267 - Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext 'attacker@example.com\n\trole = "#admin"' value.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-31267
Partager : LinkedIn / Twitter / Facebook

CVE-2022-31264 - Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-31264
Partager : LinkedIn / Twitter / Facebook

CVE-2022-31259 - The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1).
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-31259
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1752 - Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1752
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29222 - Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection itself is still secure. The Certificate provided by clients can't be trusted when using a Pion DTLS server prior to version 2.1.5. Users should upgrade to version 2.1.5 to receive a patch. There are currently no known workarounds.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29222
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29216 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had several test cases where numpy expressions were used as arguments. However, given that the tool is always run manually, the impact of this is still not severe. The maintainers have now removed the `safe=False` argument, so all parsing is done without calling `eval`. The patch is available in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29216
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29215 - RegionProtect is a plugin that allows users to manage certain events in certain regions of the world. Versions prior to 1.1.0 contain a YAML injection vulnerability that can cause an instant server crash if the passed arguments are not matched. Version 1.1.0 contains a patch for this issue. As a workaround, restrict operator permissions to untrusted people and avoid entering arguments likely to cause a crash.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29215
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29214 - NextAuth.js (next-auth) is am open source authentication solution for Next.js applications. Prior to versions 3.29.3 and 4.3.3, an open redirect vulnerability is present when the developer is implementing an OAuth 1 provider. Versions 3.29.3 and 4.3.3 contain a patch for this issue. The maintainers recommend adding a certain configuration to one's `callbacks` option as a workaround for those unable to upgrade.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29214
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29213 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the `tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d` lack input validation and under certain condition can result in crashes (due to `CHECK`-failures). Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29213
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29212 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling. Thus, since code was calling `QuantizeMultiplierSmallerThanOneExp`, the `TFLITE_CHECK_LT` assertion would trigger and abort the process. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29212
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29211 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.histogram_fixed_width` is vulnerable to a crash when the values array contain `Not a Number` (`NaN`) elements. The implementation assumes that all floating point operations are defined and then converts a floating point result to an integer index. If `values` contains `NaN` then the result of the division is still `NaN` and the cast to `int32` would result in a crash. This only occurs on the CPU implementation. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29211
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29210 - TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to ASAN failures because the `AllocatedBytes()` is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the `.data()` buffer. The discoverers could not use this byte vector anyway because types such as `tstring` include pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29210
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29209 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions (e.g., `CHECK_LT`, `CHECK_GT`, etc.) have an incorrect logic when comparing `size_t` and `int` values. Due to type conversion rules, several of the macros would trigger incorrectly. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29209
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29190 - Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that sends Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29190
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29189 - Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or timed out. An attacker could exploit this to cause excessive memory usage. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29189
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29188 - Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by surrounding the hostname with square brackets (e.g. `[example.com]`). This only impacted the HTTP proxy functionality of Smokescreen. HTTPS requests were not impacted. Smokescreen version 0.0.4 contains a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29188
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29207 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but migration to TF 2.x eager mode opened up this vulnerability. If the resource handle is empty, then a reference is bound to a null pointer inside TensorFlow codebase (various codepaths). This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29207
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29200 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LSTMBlockCell` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate the ranks of any of the arguments to this API call. This results in `CHECK`-failures when the elements of the tensor are accessed. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29200
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29199 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `initializing_values` is a vector but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29199
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29198 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `dense_shape` is a vector and `indices` is a matrix (as part of requirements for sparse tensors) but there is no validation for this. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29198
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29197 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29197
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29196 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.Conv3DBackpropFilterV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate that the `filter_sizes` argument is a vector. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29196
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29195 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.StagePeek` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `index` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29195
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29193 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29193
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1803 - Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1803
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29447 - Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29447
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29434 - Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29434
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29432 - Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29432
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29431 - Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29431
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29430 - Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29430
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29428 - Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29428
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29427 - Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni's Disable Right Click For WP plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29427
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29426 - Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team's Slideshow, Image Slider by 2J plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29426
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29194 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.DeleteSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29194
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29192 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29192
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29191 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29191
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29186 - Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Rundeck community and rundeck-enterprise docker images contained a pre-generated SSH keypair. If the id_rsa.pub public key of the keypair was copied to authorized_keys files on remote host, those hosts would allow access to anyone with the exposed private credentials. This misconfiguration only impacts Rundeck Docker instances of PagerDutyÂ® Process Automation On Prem (formerly Rundeck) version 4.0 and earlier, not Debian, RPM or .WAR. Additionally, the id_rsa.pub file would have to be copied from the Docker image filesystem contents without overwriting it and used to configure SSH access on a host. A patch on Rundeck's `main` branch has removed the pre-generated SSH key pair, but it does not remove exposed keys that have been configured. To patch, users must run a script on hosts in their environment to search for exposed keys and rotate them. Two workarounds are available: Do not use any pre-existing public key file from the rundeck docker images to allow SSH access by adding it to authorized_keys files and, if you have copied the public key file included in the docker image, remove it from any authorized_keys files.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29186
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28618 - A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28618
Partager : LinkedIn / Twitter / Facebook

CVE-2022-22973 - VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-22973
Partager : LinkedIn / Twitter / Facebook

CVE-2022-22972 - VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-22972
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29448 - Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29448
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29425 - Cross-Site Scripting (XSS) vulnerability in WP Wham's Checkout Files Upload for WooCommerce plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29425
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29424 - Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari's Image Hover Effects Ultimate plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29424
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29185 - totp-rs is a Rust library that permits the creation of 2FA authentification tokens per time-based one-time password (TOTP). Prior to version 1.1.0, token comparison was not constant time, and could theorically be used to guess value of an TOTP token, and thus reuse it in the same time window. The attacker would have to know the password beforehand nonetheless. Starting with patched version 1.1.0, the library uses constant-time comparison. There are currently no known workarounds.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29185
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29184 - GoCD is a continuous delivery server. In GoCD versions prior to 22.1.0, it is possible for existing authenticated users who have permissions to edit or create pipeline materials or pipeline configuration repositories to get remote code execution capability on the GoCD server via configuring a malicious branch name which abuses Mercurial hooks/aliases to exploit a command injection weakness. An attacker would require access to an account with existing GoCD administration permissions to either create/edit (`hg`-based) configuration repositories; create/edit pipelines and their (`hg`-based) materials; or, where "pipelines-as-code" configuration repositories are used, to commit malicious configuration to such an external repository which will be automatically parsed into a pipeline configuration and (`hg`) material definition by the GoCD server. This issue is fixed in GoCD 22.1.0. As a workaround, users who do not use/rely upon Mercurial materials can uninstall/remove the `hg`/Mercurial binary from the underlying GoCD Server operating system or Docker image.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29184
Partager : LinkedIn / Twitter / Facebook

CVE-2022-24434 - This affects all versions of package dicer. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-24434
Partager : LinkedIn / Twitter / Facebook

CVE-2022-21195 - All versions of package url-regex are vulnerable to Regular Expression Denial of Service (ReDoS) which can cause the CPU usage to crash.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-21195
Partager : LinkedIn / Twitter / Facebook

CVE-2021-36833 - Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode's MC4WP plugin
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2021-36833
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29183 - GoCD is a continuous delivery server. GoCD versions 20.2.0 until 21.4.0 are vulnerable to reflected cross-site scripting via abuse of the pipeline comparison function's error handling to render arbitrary HTML into the returned page. This could allow an attacker to trick a victim into executing code which would allow the attacker to operate on, or gain control over the same resources as the victim had access to. This issue is fixed in GoCD 21.4.0. As a workaround, block access to `/go/compare/.*` prior to GoCD Server via a reverse proxy, web application firewall or equivalent, which would prevent use of the pipeline comparison function.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29183
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29182 - GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run's Stage Details > Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user's browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph's iframe. This could allow an attacker to steal a GoCD user's session cookies and/or execute malicious code in the user's context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29182
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29181 - Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29181
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29179 - Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium's Kubernetes service account. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. There are no known workarounds available.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29179
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29178 - Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000 can access the API of Cilium via Unix domain socket available on the host where Cilium is running. This could allow malicious users to compromise integrity as well as system availability on that host. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. A potential workaround is to modify Cilium's DaemonSet to run with a certain command, which can be found in the GitHub Security Advisory for this vulnerability.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29178
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28995 - Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration function.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28995
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28990 - WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28990
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28531 - Sourcecodester Covid-19 Directory on Vaccination System1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28531
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1770 - Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1770
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29177 - Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that addresses the problem. As a workaround, setting loglevel to default level (`INFO`) makes the node not vulnerable to this attack.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29177
Partager : LinkedIn / Twitter / Facebook

CVE-2022-22365 - IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-22365
Partager : LinkedIn / Twitter / Facebook

CVE-2021-39043 - IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2021-39043
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29170 - Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesnâ€™t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29170
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29163 - Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.6 and 23.0.3, a user can create a link that is not password protected even if the administrator requires links to be password protected. Versions 22.2.6 and 23.0.3 contain a patch for this issue. There are currently no known workarounds.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29163
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29160 - Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder's information. Nextcloud Android version 3.19.0 contains a patch for this issue. There are no known workarounds available.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29160
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29159 - Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions prior to 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move stacks with cards from their own board to a board of another user. The Nextcloud Deck app contains a patch for this issue in versions 1.4.8, 1.5.6, and 1.6.1. There are no known currently-known workarounds available.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29159
Partager : LinkedIn / Twitter / Facebook

CVE-2022-24906 - Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-24906
Partager : LinkedIn / Twitter / Facebook

CVE-2022-31245 - mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-31245
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29165 - Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 which would allow unauthenticated users to impersonate as any Argo CD user or role, including the `admin` user, by sending a specifically crafted JSON Web Token (JWT) along with the request. In order for this vulnerability to be exploited, anonymous access to the Argo CD instance must have been enabled. In a default Argo CD installation, anonymous access is disabled. The vulnerability can be exploited to impersonate as any user or role, including the built-in `admin` account regardless of whether it is enabled or disabled. Also, the attacker does not need an account on the Argo CD instance in order to exploit this. If anonymous access to the instance is enabled, an attacker can escalate their privileges, effectively allowing them to gain the same privileges on the cluster as the Argo CD instance, which is cluster admin in a default installation. This will allow the attacker to create, manipulate and delete any resource on the cluster. They may also exfiltrate data by deploying malicious workloads with elevated privileges, thus bypassing any redaction of sensitive data otherwise enforced by the Argo CD API. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. As a workaround, one may disable anonymous access, but upgrading to a patched version is preferable.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29165
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28660 - The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28660
Partager : LinkedIn / Twitter / Facebook

CVE-2021-43729 - Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized Security Key parameter.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2021-43729
Partager : LinkedIn / Twitter / Facebook

CVE-2021-43728 - Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized SSID parameter.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2021-43728
Partager : LinkedIn / Twitter / Facebook

CVE-2021-30028 - SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2021-30028
Partager : LinkedIn / Twitter / Facebook

CVE-2022-24905 - Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign on (SSO) is enabled. In order to exploit this vulnerability, an attacker would have to trick the victim to visit a specially crafted URL which contains the message to be displayed. As far as the research of the Argo CD team concluded, it is not possible to specify any active content (e.g. Javascript) or other HTML fragments (e.g. clickable links) in the spoofed message. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. There are currently no known workarounds.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-24905
Partager : LinkedIn / Twitter / Facebook

CVE-2022-24904 - Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.7.0 and prior to versions 2.1.15m 2.2.9, and 2.3.4 is vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive files from Argo CD's repo-server. A malicious Argo CD user with write access for a repository which is (or may be) used in a directory-type Application may commit a symlink which points to an out-of-bounds file. Sensitive files which could be leaked include manifest files from other Applications' source repositories (potentially decrypted files, if you are using a decryption plugin) or any JSON-formatted secrets which have been mounted as files on the repo-server. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. Users of versions 2.3.0 or above who do not have any Jsonnet/directory-type Applications may disable the Jsonnet/directory config management tool as a workaround.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-24904
Partager : LinkedIn / Twitter / Facebook

CVE-2022-30887 - Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-30887
Partager : LinkedIn / Twitter / Facebook

CVE-2022-30886 - School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-30886
Partager : LinkedIn / Twitter / Facebook

CVE-2022-30518 - ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /simple_chat_bot/admin/responses/view_response.php.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-30518
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29883 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29883
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29882 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses the error logs - perform arbitrary actions in the name of the user.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29882
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29881 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration details.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29881
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29880 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged user which accesses the affected views.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29880
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29879 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical device information.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29879
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29878 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29878
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29877 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices allow unauthenticated access to the web interface configuration area. This could allow an attacker to extract internal configuration details or to reconfigure network settings. However, the reconfigured settings cannot be activated unless the role of an authenticated administrator user.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29877
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29876 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform reflected XSS attacks.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29876
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29874 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29874
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29873 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29873
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29872 - A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29872
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29801 - A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29801
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29320 - MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29320
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29033 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29033
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29032 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29032
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29031 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29031
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29030 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29030
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29029 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29029
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29028 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29028
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29023 - A buffer overflow in the razermouse driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29023
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29022 - A buffer overflow in the razeraccessory driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29022
Partager : LinkedIn / Twitter / Facebook

Les annonces ayant été modifiées dernièrement

CVE-2022-31258 - In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-31258
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29208 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.EditDistance` has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multiple places throughout the code, one may compute an index for a write operation. However, the existing validation only checks against the upper bound of the array. Hence, it is possible to write before the array by massaging the input to generate negative values for `loc`. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29208
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29206 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorDenseAdd` does not fully validate the input arguments. In this case, a reference gets bound to a `nullptr` during kernel execution. This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29206
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29205 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling `tf.compat.v1.*` ops which don't yet have support for quantized types, which was added after migration to TensorFlow 2.x. In these scenarios, since the kernel is missing, a `nullptr` value is passed to `ParseDimensionValue` for the `py_value` argument. Then, this is dereferenced, resulting in segfault. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29205
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29204 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29204
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29203 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a `CHECK`-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29203
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29202 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.ragged.constant` does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29202
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29201 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizedConv2D` does not fully validate the input arguments. In this case, references get bound to `nullptr` for each argument that is empty. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29201
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1775 - Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1775
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1769 - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1769
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1733 - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
21/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1733
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4107 - HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, denial of service, or information disclosure.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2020-4107
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29652 - Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29652
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29304 - Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29304
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28962 - Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28962
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28961 - Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28961
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28960 - A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28960
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28959 - Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allows attackers to execute arbitrary web scripts or HTML.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28959
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28948 - An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28948
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28946 - An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28946
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1796 - Use After Free in GitHub repository vim/vim prior to 8.2.4979.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1796
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1785 - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1785
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1771 - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1771
Partager : LinkedIn / Twitter / Facebook

CVE-2022-30777 - Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.
20/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-30777
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29581 - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
19/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29581
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29174 - countly-server is the server-side part of Countly, a product analytics solution. Prior to versions 22.03.7 and 21.11.4, a malicious actor who knows an account email address/username and full name specified in the database is capable of guessing the password reset token. The actor may use this information to reset the password and take over the account. The problem has been patched in Countly Server version 22.03.7 for servers using the new user interface and in 21.11.4 for servers using the old user interface.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29174
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29162 - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29162
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28616 - A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28616
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1362 - The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1362
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1361 - The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user's accounts and devices.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1361
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1360 - The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration settings.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1360
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1359 - The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If an attacker supplied path traversal charters (../) as part of a filename, the server will save the file where the attacker chooses. This could allow an attacker to write any data to any file in the server.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1359
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1358 - The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1358
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1357 - The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1357
Partager : LinkedIn / Twitter / Facebook

CVE-2022-1356 - cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-1356
Partager : LinkedIn / Twitter / Facebook

CVE-2022-30054 - In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection attacks.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-30054
Partager : LinkedIn / Twitter / Facebook

CVE-2022-30053 - In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-30053
Partager : LinkedIn / Twitter / Facebook

CVE-2022-30052 - In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-30052
Partager : LinkedIn / Twitter / Facebook

CVE-2022-30045 - An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-30045
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29436 - Persistent Cross-Site Scripting (XSS) vulnerability in Alexander Stokmann's Code Snippets Extended plugin
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29436
Partager : LinkedIn / Twitter / Facebook

CVE-2022-29435 - Cross-Site Request Forgery (CSRF) vulnerability in Alexander Stokmann's Code Snippets Extended plugin
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-29435
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28617 - A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28617
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28192 - NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28192
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28191 - NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28191
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28190 - NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where improper input validation can cause denial of service.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28190
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28189 - NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a NULL pointer dereference may lead to a system crash.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28189
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28188 - NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28188
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28187 - NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where the memory management software does not release a resource after its effective lifetime has ended, which may lead to denial of service.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28187
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28186 - NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service or data tampering.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28186
Partager : LinkedIn / Twitter / Facebook

CVE-2022-28185 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering.
18/05/2022 | https://nvd.nist.gov/vuln/detail/CVE-2022-28185
Partager : LinkedIn / Twitter / Facebook